Em 12-06-2015 05:15, Remi Gacogne escreveu:
I am not, but everything depends on your threat model. If you are targeted via an "evil-maid", or a cold-boot attack, FDE may be doomed. Which is why I use secureboot + TPM + this: https://aur.archlinux.org/packages/mkinitcpio-chkcryptoboot/ and this: https://aur.archlinux.org/packages/chkboot/
And I have plans to port the tails memory erase to archlinux.
In addition to that, passphrase-protection on SSH keys has been weak for a long time, because a single MD5(IV || passphrase) is applied to generate the AES key used to encrypt the SSH key [1].
I'm aware of this, which is why I use Keepass + Keeagent, so not only my key is encrypted inside the keepass database, it also has a very long passphrase.
OpenSSL 6.5 introduced a new KDF [2] using bcrypt, enabled by default for ed25519 keys but not for RSA keys, so you may want to upgrade your keys to use the new KDF manually.
I rotate my keys at least twice a year. And now that keeagent supports ed25519 keys, I probably will rotate more often. Now, for the AUR, if it's a simple implementation, then I don't see why not do it. Just I don't see much benefit in compartimentalizing your ssh keys too much. Perhaps of for work and one personal will do. Cheers, Giancarlo Razzolini. Cheers,