[DOCUMENTATION NEEDED] [REVIEW NEEDED] feat: implement tpm sealed sshd host keys

46sshd/50-unseal.conf

@@ -0,0 +1,3 @@
+[Unit]
+Requires=unseal.service
+After=unseal.service

46sshd/module-setup.sh

@@ -6,6 +6,15 @@
 # called by dracut
 check() {
     require_binaries sshd || return 1
+    if [ -n "$dracut_sshd_tpm_pcrs" ]; then
+        require_binaries openssl &&
+        require_binaries tpm2_createprimary &&
+        require_binaries tpm2_pcrread &&
+        require_binaries tpm2_createpolicy &&
+        require_binaries tpm2_create &&
+        require_binaries tpm2_unseal ||
+        return 1
+    fi
     # 0 enables by default, 255 only on request
     return 0
 }
@@ -22,13 +31,44 @@ install() {
     if [ "$(find /etc/ssh -maxdepth 1 -name 'dracut_ssh_host_*_key')" ]; then
         key_prefix=dracut_
     fi
+
+    local tpm_tempdir
+    if [ -n "$dracut_sshd_tpm_pcrs" ]; then
+        tpm_tempdir=$(mktemp -d)
+        chmod 700 "$tpm_tempdir"
+        ( set -e
+            cd "$tpm_tempdir"
+            touch key ; chmod 600 key
+            openssl rand 32 > key
+            tpm2_createprimary -Q -c primary.ctx
+            if [ -n "$dracut_sshd_pcr_bin" ]; then
+                echo "copying ${dracut_sshd_pcr_bin@Q}"
+                cp "$dracut_sshd_pcr_bin" pcr.bin
+            else
+                echo "reading current pcrs" >&2
+                tpm2_pcrread -o pcr.bin "$dracut_sshd_tpm_pcrs"
+            fi
+            tpm2_createpolicy -Q --policy-pcr -l "$dracut_sshd_tpm_pcrs" -f pcr.bin -L pcr.policy
+            tpm2_create -Q -C primary.ctx -L pcr.policy -i key -c key.ctx
+            /usr/bin/install -Dm 644 key.ctx "$initdir/etc/ssh/key.ctx"
+            echo "$dracut_sshd_tpm_pcrs" > "$initdir/etc/ssh/pcrs"
+        ) || {
+            dfatal "Couldn't include sealed key!"
+            return 1
+        }
+    fi 
+
     local found_host_key=no
     for key_type in dsa ecdsa ed25519 rsa; do
         ssh_host_key=/etc/ssh/"$key_prefix"ssh_host_"$key_type"_key
         if [ -f "$ssh_host_key" ]; then
             inst_simple "$ssh_host_key".pub /etc/ssh/ssh_host_"$key_type"_key.pub
-            /usr/bin/install -m 600 "$ssh_host_key" \
+            if [ -n "$dracut_sshd_tpm_pcrs" ]; then
+                openssl aes-256-cbc -e -in "$ssh_host_key" -out "$initdir/etc/ssh/ssh_host_${key_type}_key.enc" -kfile "$tpm_tempdir/key" -iter 1
+            else
+                /usr/bin/install -m 600 "$ssh_host_key" \
                     "$initdir/etc/ssh/ssh_host_${key_type}_key"
+            fi
             found_host_key=yes
         fi
     done
@@ -37,6 +77,10 @@ install() {
         return 1
     fi
 
+    if [ -n "$tpm_tempdir" ]; then
+        rm -rf "$tpm_tempdir"
+    fi
+
     if [ -e /root/.ssh/dracut_authorized_keys ]; then
         authorized_keys=/root/.ssh/dracut_authorized_keys
     elif [ -e /etc/dracut-sshd/authorized_keys ]; then
@@ -75,6 +119,15 @@ install() {
     inst_multiple -o /etc/crypto-policies/back-ends/opensshserver.config \
             /etc/crypto-policies/back-ends/openssh-server.config
     inst_simple "${moddir}/sshd.service" "$systemdsystemunitdir/sshd.service"
+    if [ -n "$dracut_sshd_tpm_pcrs" ]; then
+        inst_binary /usr/bin/touch
+        inst_binary /usr/bin/openssl
+        inst_binary /usr/bin/basename
+        inst_binary /usr/bin/tpm2_unseal
+        inst_simple "${moddir}/unseal.sh" /usr/sbin/unseal.sh
+        inst_simple "${moddir}/unseal.service" "$systemdsystemunitdir/unseal.service"
+        inst_simple "${moddir}/50-unseal.conf" "$systemdsystemunitdir/sshd.service.d/50-unseal.conf"
+    fi
     inst_simple "${moddir}/sshd_config" /etc/ssh/sshd_config
 
     { grep '^sshd:' $dracutsysrootdir/etc/passwd || echo 'sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin'; } >> "$initdir/etc/passwd"

46sshd/unseal.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Unseal OpenSSH host keys
+DefaultDependencies=no
+#Before=sshd.service
+After=tpm2.target
+Requires=tpm2.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/unseal.sh
+
+#[Install]
+#RequiredBy=sshd.service

46sshd/unseal.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+cd /etc/ssh
+
+touch key ; chmod 600 key
+tpm2_unseal -c key.ctx -p pcr:"$(cat pcrs)" -o key
+
+for enc in *.enc; do
+    base="${enc%.enc}"
+    touch "$base" ; chmod 600 "$base"
+    openssl aes-256-cbc -d -in "$enc" -out "$base" -kfile key -iter 1
+done

dracut-sshd.spec

@@ -12,7 +12,7 @@ License:    GPLv3+
 VCS:        {{{ git_dir_vcs }}}
 Source:     {{{ git_dir_pack }}}
 BuildArch:  noarch
-Requires:   dracut-network
+Requires:   dracut-network tpm2-tools openssl
 
 %description
 This Dracut module integrates the OpenSSH sshd into your
@@ -34,6 +34,9 @@ cp -r 46sshd %{buildroot}/usr/lib/dracut/modules.d/
 %dir /usr/lib/dracut/modules.d/46sshd
 /usr/lib/dracut/modules.d/46sshd/module-setup.sh
 /usr/lib/dracut/modules.d/46sshd/sshd.service
+/usr/lib/dracut/modules.d/46sshd/unseal.service
+/usr/lib/dracut/modules.d/46sshd/50-unseal.conf
+/usr/lib/dracut/modules.d/46sshd/unseal.sh
 /usr/lib/dracut/modules.d/46sshd/motd
 /usr/lib/dracut/modules.d/46sshd/profile
 %config(noreplace) /usr/lib/dracut/modules.d/46sshd/sshd_config

example/50-tpm.conf

@@ -0,0 +1,2 @@
+dracut_sshd_tpm_pcrs=sha256:0
+add_dracutmodules+=" tpm2-tss "

test/create-vm.sh

@@ -41,9 +41,10 @@ virt-install --connect qemu:///system \
     --name "$tag" \
     --memory 2048 \
     --network default \
-    --cpu host --vcpus 2 \
+    --cpu host-model --vcpus 2 \
     --graphics none \
     --autoconsole none \
+    --tpm default \
     --import \
     --disk "$dst",format=qco2,bus=virtio \
     --osinfo fedora-unknown \

test/install-dracut-sshd.sh

@@ -18,6 +18,7 @@ $scp  -r 46sshd                 root@"$guest":/usr/lib/dracut/modules.d/
 if [ "$distri" = f ]; then
     $scp  example/20-wired.network  root@"$guest":/etc/systemd/network/20-wired.network
     $scp  example/90-networkd.conf  root@"$guest":/etc/dracut.conf.d/90-networkd.conf
+    $scp  example/50-tpm.conf  root@"$guest":/etc/dracut.conf.d/50-tpm.conf
 
     $ssh root@"$guest" <<EOF
 set -eux