SoylentNews is people
SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.
SoylentNews
Submission Preview
How key shielding works
On June 21, 2019, support for SSH key shielding was intro‐
duced into the OpenBSD tree, from which the OpenSSH releases
are derived. SSH key shielding is a measure intended to
protect private keys in RAM against attacks that abuse bugs
in speculative execution that current CPUs exhibit.[0] This
functionality has been part of OpenSSH since the 8.1 re‐
lease. SSH private keys are now being held in memory in a
shielded form; keys are only unshielded when they are used
and re‐shielded as soon as they are no longer in active use.
When a key is shielded, it is encrypted in memory with
AES‐256‐CTR; this is how it works: [...]
https://xorhash.gitlab.io/xhblog/0010.html [gitlab.io]
You're working under a slight handicap. You happen to be human.
