Keys not retained in backups but still listed in keys menu

Open elliot-wood opened this issue 6 years ago • 9 comments

When restoring an iOS device from a backup, all ssh private keys are lost.

They will still be listed in the keys menu, but they won’t work for authentication and attempting to copy the private key causes a crash.

My guess as to the intended behaviour goes two ways. Either:

  1. private keys are retained in backup, can then be used as usual, or
  2. private keys are not retained, delete them from the keys menu.

Details:

  • iPhone 8 Plus, iOS 11.1b2
  • Using the App Store version of Blink

elliot-wood avatar Oct 14 '17 23:10 elliot-wood

This may be related to what happened to me in #274

goerz avatar Oct 15 '17 05:10 goerz

Yup, this is because the private key is stored within the "Secure Enclave", and we just keep a reference to it. This is to avoid your private keys actually ending up in a backup somewhere in the cloud, so it is intended.

So the behaviour should be number 2, where private keys shouldn't be retained, with probably a check on first run of the application.

Marking as bug.

carloscabanero avatar Oct 17 '17 22:10 carloscabanero

I believe I ran into this from an iCloud sync vs. a backup/restore. I have Blink on my iPad which has my keys, and recently installed it on a new iPhone install. iCloud sync brought over all of my host configuration, and the reference of the private key (but as mentioned here, not the key material itself due to it being protected by the secure enclave).

It may be helpful to add a note in the iCloud sync page that private keys are not included in that. Perhaps don't sync the key information at all if it's not really useful?

EDIT: Never mind, the private key is present (copy private key reveals the contents are in fact there) - but it doesn’t seem to be actively used when I try to connect now.

craSH avatar Nov 09 '17 23:11 craSH

What is the point of the option to sync the keys to iCloud then? Also, for me, when I click copy (for the private key) it will crash.

moskovich avatar Nov 28 '17 05:11 moskovich

This was a fk up by yours truly, because we thought we would be able to sync them, and never removed the feature just in case. I thought we had disabled it, but apparently we didn’t. Will try to fix asap.

carloscabanero avatar Dec 18 '17 20:12 carloscabanero

Replicated in migrating from iPhone 6 to iPhone X, and iPad 10.5 to iPad 12.9 2018. I personally believe that keys should not be synced over the cloud, in the name of security.

juneoh avatar Nov 10 '18 04:11 juneoh

How about storing them in Apple's keychain then?

On Sat, Nov 10, 2018, 12:18 June Oh wrote:

> Replicated in migrating from iPhone 6 to iPhone X, and iPad 10.5 to iPad 12.9 2018. I personally believe that keys should not be synced over the cloud, in the name of security.

moskovich avatar Nov 10 '18 05:11 moskovich

Just had this when migrating to a new iPhone. The keys listed my SE key from the previous phone and I was wondering what voodoo was happening, but it couldn’t authenticate with it (thankfully). Deleted the reference and created a new one. Perhaps a check on launch for non-existent SE keys, notifying the user that it’s not there anymore and they might like to set up a new one is a good solution.

nreilly avatar Sep 18 '22 01:09 nreilly
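
The launch-time check suggested in this thread could look like the following sketch. It is an added example, not Blink's code: `KeyRecord`, `keychainTag`, `state(of:)`, `reconcile` and the sample tag are hypothetical, and it assumes each listed key was created in the Secure Enclave with an application tag that the synced or restored record still carries.

```swift
import Foundation
import Security

// Hypothetical record the app keeps (and backs up or syncs) for each listed key.
struct KeyRecord {
    let name: String
    let keychainTag: String  // assumed tag used when the private key was created
}

enum KeyState { case usable, missing, error(OSStatus) }

// Ask the keychain whether the private key behind a record exists on this device.
// Secure Enclave keys cannot be exported, so after a restore to new hardware
// the record survives but this lookup returns errSecItemNotFound.
func state(of record: KeyRecord) -> KeyState {
    let query: [String: Any] = [
        kSecClass as String: kSecClassKey,
        kSecAttrKeyClass as String: kSecAttrKeyClassPrivate,
        kSecAttrApplicationTag as String: Data(record.keychainTag.utf8),
        kSecAttrTokenID as String: kSecAttrTokenIDSecureEnclave,
        kSecReturnRef as String: true,
    ]
    var item: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &item)
    switch status {
    case errSecSuccess: return .usable
    case errSecItemNotFound: return .missing
    default: return .error(status)  // e.g. keychain unavailable while locked
    }
}

// Run at launch: separate usable keys from stale references. Records that fail
// with a transient error are kept, so a locked device never wipes the list.
func reconcile(_ records: [KeyRecord]) -> (usable: [KeyRecord], stale: [KeyRecord]) {
    var usable: [KeyRecord] = [], stale: [KeyRecord] = []
    for record in records {
        switch state(of: record) {
        case .missing: stale.append(record)
        case .usable, .error: usable.append(record)
        }
    }
    return (usable, stale)
}

// Constructed sample record; on a device without this key it is reported stale.
let result = reconcile([KeyRecord(name: "se-key (constructed)", keychainTag: "example.ssh.se-key")])
for record in result.stale {
    print("Key '\(record.name)' is no longer on this device; remove it and create a new one.")
}
```

Stale records are the ones to remove from the keys menu or flag to the user, which also keeps the copy-private-key action from being offered for a key that is not there.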