fix(agent/agentssh): pin random seed for RSA key generation

ThomasK33 · ThomasK33 · commit 38f9dfc41f29 · 2025-02-20T12:15:52.000+01:00
Change-Id: I8c7e3070324e5d558374fd6891eea9d48660e1e9
Signed-off-by: Thomas Kosiewski &lt;tk@coder.com&gt;
diff --git a/agent/agent.go b/agent/agent.go
@@ -6,6 +6,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"hash/fnv"
 	"io"
 	"net/http"
 	"net/netip"
@@ -372,7 +373,6 @@ func (a *agent) collectMetadata(ctx context.Context, md codersdk.WorkspaceAgentM
 	// Important: if the command times out, we may see a misleading error like
 	// "exit status 1", so it's important to include the context error.
 	err = errors.Join(err, ctx.Err())
-
 	if err != nil {
 		result.Error = fmt.Sprintf("run cmd: %+v", err)
 	}
@@ -906,6 +906,14 @@ func (a *agent) handleManifest(manifestOK *checkpoint) func(ctx context.Context,
 		}
 		a.client.RewriteDERPMap(manifest.DERPMap)
 
+		seed, err := stringToInt64Hash(manifest.WorkspaceID)
+		if err != nil {
+			return xerrors.Errorf("generate hash from workspace id: %w", err)
+		}
+		if err := a.sshServer.UpdateHostSigner(seed); err != nil {
+			return xerrors.Errorf("update host signer: %w", err)
+		}
+
 		// Expand the directory and send it back to coderd so external
 		// applications that rely on the directory can use it.
 		//
@@ -1850,3 +1858,16 @@ func PrometheusMetricsHandler(prometheusRegistry *prometheus.Registry, logger sl
 		}
 	})
 }
+
+// stringToInt64Hash converts a WorkspaceID UUID to an int64 hash.
+// This uses the FNV-1a hash algorithm which provides decent distribution and collision
+// resistance for string inputs.
+func stringToInt64Hash(workspaceID uuid.UUID) (int64, error) {
+	h := fnv.New64a()
+	_, err := h.Write(workspaceID[:])
+	if err != nil {
+		return 42, err
+	}
+
+	return int64(h.Sum64()), nil
+}
diff --git a/agent/agentssh/agentssh.go b/agent/agentssh/agentssh.go
@@ -3,11 +3,11 @@ package agentssh
 import (
 	"bufio"
 	"context"
-	"crypto/rand"
 	"crypto/rsa"
 	"errors"
 	"fmt"
 	"io"
+	"math/rand"
 	"net"
 	"os"
 	"os/exec"
@@ -131,14 +131,15 @@ func NewServer(ctx context.Context, logger slog.Logger, prometheusRegistry *prom
 	// Clients' should ignore the host key when connecting.
 	// The agent needs to authenticate with coderd to SSH,
 	// so SSH authentication doesn't improve security.
-	randomHostKey, err := rsa.GenerateKey(rand.Reader, 2048)
-	if err != nil {
-		return nil, err
-	}
-	randomSigner, err := gossh.NewSignerFromKey(randomHostKey)
+
+	// Create a fixed host key, as at least one host key has to
+	// exist for the SSH server to start. We'll later replace
+	// the host key with one that's based off the workspace uuid.
+	coderSigner, err := coderSigner(42)
 	if err != nil {
 		return nil, err
 	}
+
 	if config == nil {
 		config = &Config{}
 	}
@@ -206,7 +207,7 @@ func NewServer(ctx context.Context, logger slog.Logger, prometheusRegistry *prom
 				slog.Error(err))
 		},
 		Handler:     s.sessionHandler,
-		HostSigners: []ssh.Signer{randomSigner},
+		HostSigners: []ssh.Signer{coderSigner},
 		LocalPortForwardingCallback: func(ctx ssh.Context, destinationHost string, destinationPort uint32) bool {
 			// Allow local port forwarding all!
 			s.logger.Debug(ctx, "local port forward",
@@ -1099,3 +1100,32 @@ func userHomeDir() (string, error) {
 	}
 	return u.HomeDir, nil
 }
+
+// UpdateHostSigner updates the host signer with a new key generated from the provided seed.
+// This function replaces the previously used host key with the newly generated one.
+func (s *Server) UpdateHostSigner(seed int64) error {
+	key, err := coderSigner(seed)
+	if err != nil {
+		return err
+	}
+
+	s.mu.Lock()
+	defer s.mu.Unlock()
+
+	s.srv.AddHostKey(key)
+
+	return nil
+}
+
+// coderSigner generates a deterministic SSH signer based on the provided seed.
+// It uses RSA with a key size of 2048 bits.
+func coderSigner(seed int64) (gossh.Signer, error) {
+	// nolint: gosec
+	deterministicRand := rand.New(rand.NewSource(seed))
+	coderHostKey, err := rsa.GenerateKey(deterministicRand, 2048)
+	if err != nil {
+		return nil, err
+	}
+	coderSigner, err := gossh.NewSignerFromKey(coderHostKey)
+	return coderSigner, err
+}
