Vagrant 默认不安全? [英] Vagrant insecure by default?

问题描述

EDIT 2:TL;DR:2013 年的答案是肯定的，但此缺陷已修复

按照 vagrantup.com 上的入门说明，我似乎最终得到了一个在端口 2222 上接受 SSH 连接的虚拟机，这样任何人都可以获得对我的 VM 的 root 访问权限并使用默认值读取我的主机工作目录凭据(用户名=密码=vagrant 或 vagrant_insecure_private_key).

By following the Getting Started instructions on vagrantup.com, I seem to end up with a virtual machine that is accepting SSH connections on port 2222 so that anyone can get root access to my VM and read my host working directory using the default credentials (username=password=vagrant or vagrant_insecure_private_key).

这是真的吗?如果是，为什么不认为它是一个巨大的安全漏洞?如果我将敏感数据复制到 VM 会怎样?

Is this true? If yes, why is it not considered a gaping security vulnerability? What if I had copied sensitive data to the VM?

编辑:对于那些认为互联网上的任何人都能够读取您的源代码并在您的 VM 上执行任意代码还不错的人，我建议您阅读本文中的突破"部分博客文章 http://blog.onillogical.com/blog/2012/10/31/break-in-and-out-of-vagrant/

EDIT: and for those who think anyone on the internet being able to read your sources and executing arbitrary code on your VM is not that bad, I recommend reading the "Breaking out" section in this blog post http://blog.ontoillogical.com/blog/2012/10/31/breaking-in-and-out-of-vagrant/

简而言之:按预期"运行 Vagrant 还可以让任何人闯入您的主机/开发机器(例如，通过使用恶意的 git post-commit 钩子).

In a nutshell: running Vagrant "as intended" can also enable anyone to break into your host/development machine (e.g., by using a malicious git post-commit hook).

推荐答案

简短的回答是YES.

为什么?

在构建 Vagrant 基础框时(手动或使用 Veewee 等工具自动化)，构建者遵循 vagrant base box 规范，它定义了以下内容:

When building Vagrant base boxes (manually or using tools like Veewee to automate), builders follow the vagrant base boxes specifications which defines the following:

1. 用户 root 和 vagrant 使用 vagrant 作为密码
2. 用户vagrant的公钥认证(无密码).

1. User root and vagrant use vagrant as password
2. Public key authentication (password-less) for the user vagrant.

Vagrant 项目提供了一个不安全的密钥对用于 SSH 公钥认证，以便 vagrant ssh 工作.

Vagrant project provides an insecure key pair for SSH Public Key Authentication so that vagrant ssh works.

因为每个人都可以访问私钥，所以任何人都可以使用私钥登录您的虚拟机(假设他们知道您主机的 IP，端口默认为 2222 作为转发规则.)

Because everyone has access to the private key, anyone can use the private key to login to your VMs (suppose they know your IP of the host machine, port is by default 2222 as forwarding rules in place.)

这不是安全的 OOTB.但是，您可以从 ~vagrant/.ssh/authorized_keys 中删除可信密钥并添加您自己的密钥，更改 vagrant 和 root 的密码，然后它被认为是相对安全的.

It is NOT secure OOTB. However, you can remove the trusted key from ~vagrant/.ssh/authorized_keys and add your own, change password for vagrant and root, then it's considered relatively safe.

更新

从 Vagrant 1.2.3 开始，默认情况下 SSH 转发端口绑定到 127.0.0.1，因此只允许本地连接 [GH-1785].

Since Vagrant 1.2.3, by default SSH forwarded port binds to 127.0.0.1 so only local connections are allowed [GH-1785].

重要更新

自 Vagrant 1.7.0(PR #4707)以来，Vagrant 将取代默认的不安全在第一次 vagrant up 时使用随机生成的密钥对的 ssh 密钥对.

Since Vagrant 1.7.0 (PR #4707) Vagrant will replace the default insecure ssh keypair with randomly generated keypair on first vagrant up.

参见 CHANGELOG:使用默认的不安全密钥对，Vagrant 会在第一次 vagrant up 时自动用随机生成的密钥对替换它.GH-2608

See in the CHANGELOG: the default insecure keypair is used, Vagrant will automatically replace it with a randomly generated keypair on first vagrant up. GH-2608

这篇关于Vagrant 默认不安全?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！