Question
I plan to put an SSH server on micro-controller devices. There shall be many devices distributed in a wide range.
The identity of the server is checked with the server key. The server needs to store the private key to allow the authentication. If I copy the private key to all micro-controllers, I have to generate the private key elsewhere (e.g. at my PC). This copy of the private key can be stolen.
It would be more secure if the server generated a key pair and the private key were never copied from the micro-controller.
- How can I check that I am connected to a server and not to a man in the middle?
- How should I distribute this information to all clients?
The server should work standalone without a hierarchical trust infrastructure.
Explanation / Answer
It's impossible to create a PKI when the server cannot be trusted somehow. You can generate the asymmetric key pair on the server, but you would still have to trust the public key of the key pair. Otherwise the private key may be secure, but you wouldn't know what private key to trust.
So what you should do is to create separate key pairs for each trusted device. Then you should trust the public key of the key pair. This should be performed in a secure environment. You should not distribute the private key to multiple devices as you suggest in your question.
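The enrollment step the answer describes, as an added example that is not part of the original answer: each device generates its own key pair, only the public key leaves the device while it is still in the secure environment, and the clients receive the resulting list of pinned keys. The host names, the sample key bytes and all function names are assumptions made for the illustration; the output uses the OpenSSH `known_hosts` line format and the OpenSSH SHA256 fingerprint format.

```python
import base64, hashlib, hmac, struct

def ssh_string(b: bytes) -> bytes:
    """Length-prefixed string as used inside an SSH public key blob."""
    return struct.pack(">I", len(b)) + b

def sample_pubkey(raw32: bytes, comment: str) -> str:
    # Constructed stand-in for the .pub line a device exports after
    # generating its key pair on-chip. The 32 bytes are placeholders.
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

def parse_pubkey(line: str):
    """Return (keytype, blob); reject a line whose blob names another type."""
    keytype, b64 = line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode() != keytype:
        raise ValueError("key type does not match key blob")
    return keytype, blob

def fingerprint(line: str) -> str:
    """OpenSSH-style fingerprint: SHA256 over the blob, unpadded base64."""
    digest = hashlib.sha256(parse_pubkey(line)[1]).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def enroll(devices: dict):
    """Run in the secure environment. Returns (known_hosts text, pins)."""
    lines, pins = [], {}
    for host, pub in sorted(devices.items()):
        keytype, _ = parse_pubkey(pub)
        lines.append(f"{host} {keytype} {pub.split()[1]}")
        pins[host] = fingerprint(pub)
    return "\n".join(lines) + "\n", pins

def check(pins: dict, host: str, presented: str) -> str:
    """Compare the key a server presents with the pin for that host."""
    if host not in pins:
        return "unknown"
    same = hmac.compare_digest(pins[host], fingerprint(presented))
    return "ok" if same else "mismatch"

# Constructed sample data: two enrolled devices and one key nobody enrolled.
DEVICES = {
    "sensor-01.example": sample_pubkey(bytes([0x01]) * 32, "sensor-01"),
    "sensor-02.example": sample_pubkey(bytes([0x02]) * 32, "sensor-02"),
}
INTERCEPTOR_KEY = sample_pubkey(bytes([0xEE]) * 32, "not-enrolled")
KNOWN_HOSTS, PINS = enroll(DEVICES)
```

A client that receives `KNOWN_HOSTS` over a trusted channel and connects with strict host key checking refuses any server whose key is not the one enrolled for that name, which is the "mismatch" case above.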