I have an SSH key pair needed for client to cloud communication. Currently the keys are sitting in an easy to find location on the desktop. My normal expectation would be when I publish my app, those keys will be included in the installer and placed in the Program Files folder alongside the application.exe.
One of the keys - I assume the private key - is encrypted, and I can obfuscate the encryption key in my application. Is that sufficient? Should I be handling the keys differently (e.g. is there a way to ‘roll them in’ to the app itself)? Is there a best practices for managing keys with apps?
Obfuscating the encryption key isn’t enough in my opinion. If anyone ever figures it out, your whole security system is gone, and if you use the same one for everyone, you’ve got to reissue your entire app to everyone.
My suggestion would be to generate a separate key-pair for each client, right on the client machines. Then you can revoke individual users without having to reissue all of them.
Also, remember that key-pairs give users a certain level of authenticity when it comes to logging into a server. You may want to have another level of security before you actually install public keys onto the server itself, like a human review of the credentials.
Interesting - not the response I was expecting.
So far I have only generated 1 key pair. Generated by the server host for me to use for root access.
I assume there is a way to have a specific key pair (which I can programmatically generate via Xojo Crypto.RSAGenerateKeyPair) that will only grant server access to a particular directory that I have establish specifically for that individual user - does that sound right?
If you give someone keys for root access in any form you end up giving them your server.
It is best to create an unprivileged user that can only perform the functions that you want them to do. Look into chroot jails to limit the number of commands that may be run.