fix(agent/agentssh): pin random seed for RSA key generation

ThomasK33 · ThomasK33 · commit d74cb782fd7b · 2025-02-19T19:57:49.000+01:00
Change-Id: I8c7e3070324e5d558374fd6891eea9d48660e1e9
Signed-off-by: Thomas Kosiewski &lt;tk@coder.com&gt;
diff --git a/agent/agent.go b/agent/agent.go
@@ -6,6 +6,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"hash/fnv"
 	"io"
 	"net/http"
 	"net/netip"
@@ -272,6 +273,7 @@ func (a *agent) init() {
 		UpdateEnv:           a.updateCommandEnv,
 		WorkingDirectory:    func() string { return a.manifest.Load().Directory },
 		BlockFileTransfer:   a.blockFileTransfer,
+		RandomSeed:          stringToInt64Hash(&a.manifest),
 	})
 	if err != nil {
 		panic(err)
@@ -372,7 +374,6 @@ func (a *agent) collectMetadata(ctx context.Context, md codersdk.WorkspaceAgentM
 	// Important: if the command times out, we may see a misleading error like
 	// "exit status 1", so it's important to include the context error.
 	err = errors.Join(err, ctx.Err())
-
 	if err != nil {
 		result.Error = fmt.Sprintf("run cmd: %+v", err)
 	}
@@ -1850,3 +1851,18 @@ func PrometheusMetricsHandler(prometheusRegistry *prometheus.Registry, logger sl
 		}
 	})
 }
+
+// stringToInt64Hash converts the manifest's AgentID and WorkspaceID to an int64 hash.
+// This uses the FNV-1a hash algorithm which provides decent distribution and collision
+// resistance for string inputs.
+func stringToInt64Hash(manifest *atomic.Pointer[agentsdk.Manifest]) int64 {
+	m := manifest.Load()
+	if m == nil {
+		return 42
+	}
+
+	h := fnv.New64a()
+	h.Write(m.AgentID[:])
+	h.Write(m.WorkspaceID[:])
+	return int64(h.Sum64())
+}
diff --git a/agent/agentssh/agentssh.go b/agent/agentssh/agentssh.go
@@ -3,11 +3,11 @@ package agentssh
 import (
 	"bufio"
 	"context"
-	"crypto/rand"
 	"crypto/rsa"
 	"errors"
 	"fmt"
 	"io"
+	"math/rand"
 	"net"
 	"os"
 	"os/exec"
@@ -85,6 +85,10 @@ type Config struct {
 	X11DisplayOffset *int
 	// BlockFileTransfer restricts use of file transfer applications.
 	BlockFileTransfer bool
+
+	// RandomSeed is a random seed value exclusively used to generate a
+	// deterministic SSH host key.
+	RandomSeed int64
 }
 
 type Server struct {
@@ -112,20 +116,25 @@ type Server struct {
 }
 
 func NewServer(ctx context.Context, logger slog.Logger, prometheusRegistry *prometheus.Registry, fs afero.Fs, execer agentexec.Execer, config *Config) (*Server, error) {
+	if config == nil {
+		config = &Config{}
+	}
+
 	// Clients' should ignore the host key when connecting.
 	// The agent needs to authenticate with coderd to SSH,
 	// so SSH authentication doesn't improve security.
-	randomHostKey, err := rsa.GenerateKey(rand.Reader, 2048)
+
+	// Create a deterministic random source
+	// nolint: gosec
+	deterministicRand := rand.New(rand.NewSource(config.RandomSeed))
+	coderHostKey, err := rsa.GenerateKey(deterministicRand, 2048)
 	if err != nil {
 		return nil, err
 	}
-	randomSigner, err := gossh.NewSignerFromKey(randomHostKey)
+	coderSigner, err := gossh.NewSignerFromKey(coderHostKey)
 	if err != nil {
 		return nil, err
 	}
-	if config == nil {
-		config = &Config{}
-	}
 	if config.X11DisplayOffset == nil {
 		offset := X11DefaultDisplayOffset
 		config.X11DisplayOffset = &offset
@@ -190,7 +199,7 @@ func NewServer(ctx context.Context, logger slog.Logger, prometheusRegistry *prom
 				slog.Error(err))
 		},
 		Handler:     s.sessionHandler,
-		HostSigners: []ssh.Signer{randomSigner},
+		HostSigners: []ssh.Signer{coderSigner},
 		LocalPortForwardingCallback: func(ctx ssh.Context, destinationHost string, destinationPort uint32) bool {
 			// Allow local port forwarding all!
 			s.logger.Debug(ctx, "local port forward",
