From owner-freebsd-hackers  Thu Apr 25  2:45:45 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from yello.shallow.net (yello.shallow.net [203.18.243.120])
	by hub.freebsd.org (Postfix) with ESMTP
	id 058E537B419; Thu, 25 Apr 2002 02:45:36 -0700 (PDT)
Received: by yello.shallow.net (Postfix, from userid 1001)
	id 089BD2A6D; Thu, 25 Apr 2002 19:45:29 +1000 (EST)
Date: Thu, 25 Apr 2002 19:45:28 +1000
From: Joshua Goodall <joshua@roughtrade.net>
To: Jordan Hubbard <jkh@winston.freebsd.org>
Cc: Robert Watson <rwatson@FreeBSD.ORG>, hackers@FreeBSD.ORG
Subject: Re: Erm, since everyone managed to HIJACK my sshd thread! ;)
Message-ID: <20020425094528.GE86692@roughtrade.net>
References: <Pine.NEB.3.96L.1020424215852.55944O-100000@fledge.watson.org> <17607.1019707688@winston.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <17607.1019707688@winston.freebsd.org>
User-Agent: Mutt/1.3.28i
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Wed, Apr 24, 2002 at 09:08:08PM -0700, Jordan Hubbard wrote:
> > BTW, what I'm suggesting here is the equivilent of the "no_fake_prompts" 
> > setting in pam_opie.so found in -CURRENT.  Basically, if the flag is set,
> 
> Again, by all means, generate some diffs and we'll look 'em over.  I'm
> far less interest in debating this in abstract terms and at least
> Joshua provided a better implementation than what I was suggesting,
> which is why I'm now just going to take his proposed change unless
> someone gives me something better yet.

n.b. this is actually an OPIE challenge, despite saying S/Key.
Unfortunately the openssh in -stable totally ignores pam and talks
directly to libopie, so we have to work inside sshd.

Committing to -current was almost certainly unnecessary and regressing
since the version there honours pam.d/sshd which doesn't have
pam_opie on by default, and if you do put it in, you can use the
no_fake_prompts option. I recommend backing that out.

The following patch to -stable is opie & rwatson friendly, won't
give a challenge unless you actually have an entry in /etc/opiepasswd,
and has a knob for toggling fake challenges (which is off by default).
Hopefully that satisfies everyone!

Joshua

Index: auth-chall.c
===================================================================
RCS file: /cvs/src/crypto/openssh/auth-chall.c,v
retrieving revision 1.2.2.1
diff -u -r1.2.2.1 auth-chall.c
--- auth-chall.c	28 Sep 2001 01:33:33 -0000	1.2.2.1
+++ auth-chall.c	25 Apr 2002 09:28:16 -0000
@@ -28,6 +28,9 @@
 
 #include "auth.h"
 #include "log.h"
+#include "servconf.h"
+
+extern ServerOptions options;
 
 #ifdef BSD_AUTH
 char *
@@ -77,9 +80,12 @@
 {
 	static char challenge[1024];
 	struct opie opie;
+	if (opie_haskey(authctxt->user) == 1 &&
+	    options.fake_challenge != 1)
+		return NULL;
 	if (opiechallenge(&opie, authctxt->user, challenge) == -1)
 		return NULL;
-	strlcat(challenge, "\nS/Key Password: ", sizeof challenge);
+	strlcat(challenge, "\nOPIE Password: ", sizeof challenge);
 	return challenge;
 }
 int
Index: servconf.c
===================================================================
RCS file: /cvs/src/crypto/openssh/servconf.c,v
retrieving revision 1.3.2.12
diff -u -r1.3.2.12 servconf.c
--- servconf.c	25 Apr 2002 05:58:53 -0000	1.3.2.12
+++ servconf.c	25 Apr 2002 08:36:02 -0000
@@ -88,6 +88,7 @@
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
 	options->challenge_reponse_authentication = -1;
+	options->fake_challenge = -1;
 	options->permit_empty_passwd = -1;
 	options->use_login = -1;
 	options->allow_tcp_forwarding = -1;
@@ -207,7 +208,9 @@
 	if (options->kbd_interactive_authentication == -1)
 		options->kbd_interactive_authentication = 0;
 	if (options->challenge_reponse_authentication == -1)
-		options->challenge_reponse_authentication = 0;
+		options->challenge_reponse_authentication = 1;
+	if (options->fake_challenge == -1)
+		options->fake_challenge = 0;
 	if (options->permit_empty_passwd == -1)
 		options->permit_empty_passwd = 0;
 	if (options->use_login == -1)
@@ -248,7 +251,7 @@
 #ifdef AFS
 	sKrb4TgtPassing, sAFSTokenPassing,
 #endif
-	sChallengeResponseAuthentication,
+	sChallengeResponseAuthentication, sFakeChallenge,
 	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
 	sPrintMotd, sPrintLastLog, sIgnoreRhosts,
 	sX11Forwarding, sX11DisplayOffset,
@@ -302,6 +305,7 @@
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
 	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
 	{ "skeyauthentication", sChallengeResponseAuthentication }, /* alias */
+	{ "fakechallenge", sFakeChallenge },
 	{ "checkmail", sCheckMail },
 	{ "listenaddress", sListenAddress },
 	{ "printmotd", sPrintMotd },
@@ -647,6 +651,10 @@
 
 		case sChallengeResponseAuthentication:
 			intptr = &options->challenge_reponse_authentication;
+			goto parse_flag;
+
+		case sFakeChallenge:
+			intptr = &options->fake_challenge;
 			goto parse_flag;
 
 		case sPrintMotd:
Index: servconf.h
===================================================================
RCS file: /cvs/src/crypto/openssh/servconf.h,v
retrieving revision 1.3.2.5
diff -u -r1.3.2.5 servconf.h
--- servconf.h	28 Sep 2001 01:33:34 -0000	1.3.2.5
+++ servconf.h	25 Apr 2002 06:49:12 -0000
@@ -99,6 +99,7 @@
 						 * authentication. */
 	int     kbd_interactive_authentication;	/* If true, permit */
 	int     challenge_reponse_authentication;
+	int     fake_challenge;
 	int     permit_empty_passwd;	/* If false, do not permit empty
 					 * passwords. */
 	int     use_login;	/* If true, login(1) is used */
Index: sshd.8
===================================================================
RCS file: /cvs/src/crypto/openssh/sshd.8,v
retrieving revision 1.5.2.7
diff -u -r1.5.2.7 sshd.8
--- sshd.8	28 Sep 2001 01:33:35 -0000	1.5.2.7
+++ sshd.8	25 Apr 2002 09:39:50 -0000
@@ -414,6 +414,17 @@
 can be used as wildcards in the patterns.
 Only user names are valid; a numerical user ID isn't recognized.
 By default login is allowed regardless of the user name.
+.It Cm FakeChallenge
+Specifies whether OPIE challenges should be attempted (and thus
+randomly generated) if a user does not have an OPIE key setup
+and ChallengeResponseAuthentication is set to
+.Dq yes .
+The argument must be
+.Dq yes
+or
+.Dq no .
+The default is
+.Dq no .
 .It Cm GatewayPorts
 Specifies whether remote hosts are allowed to connect to ports
 forwarded for the client.
Index: sshd_config
===================================================================
RCS file: /cvs/src/crypto/openssh/sshd_config,v
retrieving revision 1.4.2.7
diff -u -r1.4.2.7 sshd_config
--- sshd_config	25 Apr 2002 05:58:53 -0000	1.4.2.7
+++ sshd_config	25 Apr 2002 08:36:19 -0000
@@ -48,8 +48,10 @@
 PasswordAuthentication yes
 PermitEmptyPasswords no
 
-# Uncomment to enable s/key passwords 
-#ChallengeResponseAuthentication yes
+# Uncomment to disable s/key passwords 
+#ChallengeResponseAuthentication no
+# Uncomment to generate fake s/key challenges
+#FakeChallenge yes
 
 # To change Kerberos options
 #KerberosAuthentication no

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message