Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Thursday December 19 2019, @08:37PM   Printer-friendly
from the vibranium dept.

On June 21, 2019, support for SSH key shielding was introduced into the OpenBSD tree, from which the OpenSSH releases are derived. SSH key shielding is a measure intended to protect private keys in RAM against attacks that abuse bugs in speculative execution that current CPUs exhibit.[0] This functionality has been part of OpenSSH since the 8.1 release. SSH private keys are now being held in memory in a shielded form; keys are only unshielded when they are used and re‐shielded as soon as they are no longer in active use. When a key is shielded, it is encrypted in memory with AES‐256‐CTR; this is how it works: [...]

https://xorhash.gitlab.io/xhblog/0010.html


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Friday December 20 2019, @04:00AM

    by Anonymous Coward on Friday December 20 2019, @04:00AM (#934528)

    Even better, do it twice!