SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH

• URL: http://arxiv.org/abs/2507.09022v1
• Date: Fri, 11 Jul 2025 21:13:09 GMT
• Title: SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH
• Authors: Moe Kayali, Jonas Schmitt, Franziska Roesner,
• Abstract summary: Passwords remain the dominant mode of SSH authentication, despite their well known flaws such as phishing and reuse.<n>WebAuthn is a modern authentication standard designed to replace passwords, managing keys on behalf of the user.<n>We propose a framework to integrate WebAuthn with SSH servers, by using UNIX pluggable authentication modules (PAM)
• Score: 11.865671333047658
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords remain the dominant mode of SSH authentication, despite their well known flaws such as phishing and reuse. SSH's custom key-based authentication protocol can alleviate these issues but remains vulnerable to key theft. Additionally, it has poor usability, with even knowledgeable users leaking key material and failing to verify fingerprints. Hence, effective key management remains a critical open area in SSH security. In contrast, WebAuthn is a modern authentication standard designed to replace passwords, managing keys on behalf of the user. As a web API, this standard cannot integrate with SSH directly. We propose a framework to integrate WebAuthn with SSH servers, by using UNIX pluggable authentication modules (PAM). Our approach is backwards-compatible, supports stock SSH servers and requires no new software client-side. It offers protection for cryptographic material at rest, resistance to key leaks, phishing protection, privacy protection and attestation capability. None of these properties are offered by passwords nor traditional SSH keys. We validate these advantages with a structured, conceptual security analysis. We develop a prototype implementation and conduct a user study to quantify the security advantages of our proposal, testing our prototype with 40 SSH users. The study confirms the security problems of SSH-keys, including 20% of the cohort leaking their private keys. Our SSH-passkeys effectively address these problems: we find a 90% reduction in critical security errors, while reducing authentication time by 4x on average.

Related papers

• Device-Bound vs. Synced Credentials: A Comparative Evaluation of Passkey Authentication [0.0]
  With passkeys, the FIDO Alliance introduces the ability to sync FIDO2 credentials across a user's devices through passkey providers.<n>This aims to mitigate user concerns about losing their devices and promotes the shift toward password-less authentication.<n>We show how credential syncing has also created a debate among experts about their security guarantees.
  arXiv  Detail & Related papers  (2025-01-13T15:00:18Z)
• Jailbreaking Leading Safety-Aligned LLMs with Simple Adaptive Attacks [38.25697806663553]
  We show that even the most recent safety-aligned LLMs are not robust to simple adaptive jailbreaking attacks.<n>We achieve 100% attack success rate -- according to GPT-4 as a judge -- on Vicuna-13B, Mistral-7B, Phi-3-Mini, Nemotron-4-340B, Llama-2-Chat-7B/13B/70B, Llama-3-Instruct-8B, Gemma-7B, GPT-3.5, GPT-4o, and R2D2 from HarmBench.
  arXiv  Detail & Related papers  (2024-04-02T17:58:27Z)
• From Hardware Fingerprint to Access Token: Enhancing the Authentication on IoT Devices [33.25850729215212]
  We present MCU-Token, a secure hardware fingerprinting framework for MCU-based IoT devices. MCU-Token can achieve high accuracy (over 97%) with a low overhead across various IoT devices and application scenarios.
  arXiv  Detail & Related papers  (2024-03-22T15:15:28Z)
• The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption [43.669192188610964]
  Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated databases to an honest-but-curious server. This paper studies a new and practical security risk to DSSE, namely, secret key compromise. We introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates.
  arXiv  Detail & Related papers  (2024-03-22T09:21:47Z)
• A Novel Protocol Using Captive Portals for FIDO2 Network Authentication [45.84205238554709]
  We introduce FIDO2CAP: FIDO2 Captive-portal Authentication Protocol. We develop a prototype of FIDO2CAP authentication in a mock scenario. This work makes the first systematic approach for adapting network authentication to the new authentication paradigm relying on FIDO2 authentication.
  arXiv  Detail & Related papers  (2024-02-20T09:55:20Z)
• SOAP: A Social Authentication Protocol [0.0]
  We formally define social authentication, present a protocol called SOAP that largely automates social authentication, formally prove SOAP's security, and demonstrate SOAP's practicality. One prototype is web-based, and the other is implemented in the open-source Signal messaging application.
  arXiv  Detail & Related papers  (2024-02-05T17:03:10Z)
• Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation [11.499428847222099]
  We show that the SSH Binary Packet Protocol is no longer a secure channel. This allows prefix truncation attacks where encrypted packets at the beginning of the SSH channel can be deleted without the client or server noticing it. We propose effective and backward-compatible changes to SSH to mitigate our attacks.
  arXiv  Detail & Related papers  (2023-12-19T18:51:12Z)
• Tamper-Evident Pairing [55.2480439325792]
  Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard. TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent. This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
  arXiv  Detail & Related papers  (2023-11-24T18:54:00Z)
• ROSTAM: A Passwordless Web Single Sign-on Solution Mitigating Server Breaches and Integrating Credential Manager and Federated Identity Systems [0.0]
  We envision a passwordless future which provides a frictionless and trustworthy online experience for users by integrating credential management and federated identity systems. In this regard, our implementation ROSTAM offers a dashboard that presents all applications the user can access with a single click after a passwordless SSO. The security of web passwords on the credential manager is ensured with a Master Key, rather than a Master Password, so that encrypted passwords can remain secure even if stolen from the server.
  arXiv  Detail & Related papers  (2023-10-08T16:41:04Z)
• SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
  We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes. SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices. We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
  arXiv  Detail & Related papers  (2023-09-26T08:11:38Z)
• Public Key Encryption with Secure Key Leasing [24.410596031297242]
  We introduce the notion of public key encryption with secure key leasing (PKE-SKL) Our notion is similar in spirit to the notion of secure software leasing (SSL) introduced by Ananth and La Placa (Eurocrypt 2021) In more detail, our adversary is not restricted to use an honest evaluation algorithm to run pirated software.
  arXiv  Detail & Related papers  (2023-02-22T21:37:57Z)
• Smart Home, security concerns of IoT [91.3755431537592]
  The IoT (Internet of Things) has become widely popular in the domestic environments. People are renewing their homes into smart homes; however, the privacy concerns of owning many Internet connected devices with always-on environmental sensors remain insufficiently addressed. Default and weak passwords, cheap materials and hardware, and unencrypted communication are identified as the principal threats and vulnerabilities of IoT devices.
  arXiv  Detail & Related papers  (2020-07-06T10:36:11Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.