Kolide flags sk SSH key handles as unencrypted private keys

kolide / launcher

Osquery launcher, autoupdater, and packager

https://kolide.com/launcher

Other

500 stars 99 forks source link

Kolide flags sk SSH key handles as unencrypted private keys #1768

Closed smlx closed 6 days ago

smlx commented 1 week ago

SSH sk key handles (FIDO2 token backed) stored on disk are incorrectly flagged as unencrypted private keys.

These files are unencrypted but they just contain a handle to the private key which is stored on the FIDO2 token. So kolide should not flag these as a problem.

directionless commented 6 days ago

Probably a dup of https://github.com/kolide/launcher/issues/758

directionless commented 6 days ago

@smlx I don't use FIDO2 keys. Can you provide us with some sample keys? (or are they confidential)

smlx commented 6 days ago

Hmm. Thinking about this some more, key handles may still be considered sensitive even though they don't contain a plaintext private key.

I'll close this issue, sorry for the noise.