On Wed, 4 Apr 2001, Markus Friedl wrote:
> http://wwwcip.informatik.uni-erlangen.de/~msfriedl/openssh/TODO
->
require multiple methods for user authentication
(e.g. password AND public-key must both succeed to log in)
I think the patch submitted by Carson Gaspar <carson at taltos.org>
to implement partial authentication does this.
->
specify the order of user authentication methods the client tries
PreferredAuthentications is already in 2.5.2p2.
---
By the way, is there any way to restrict the use of one authentication
method until after another has been performed? For example, I would like
to disallow pubkey logins until that user has performed at least one
password login. I can simulate this now by storing the private key on the
server, so that the client must log in by password first, in order to GET
the private key, which he can then load into the agent or whatever and
do passwordless logins. This doesn't work, though, because the private
key is permanent -- if there were an ephemeral key that would work better.
The goal is to get rid of stuff like this:
sshd[18736]: Accepted publickey for joe from 123.456.789.012 port 34567 ssh2
where that just pops up in the log out of nowhere, leading one to wonder
if that's really joe or if some bad guy broke into joe's computer and got
joe's private key. (joe is a travelling salesman so his IP address is
allowed to be random.)
Partial auth doesn't do it because that only works WITHIN a session, not
across sessions.
Dr. Tom Holroyd
"I am, as I said, inspired by the biological phenomena in which
chemical forces are used in repetitious fashion to produce all
kinds of weird effects (one of which is the author)."
-- Richard Feynman, _There's Plenty of Room at the Bottom_
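The cross-session rule the post asks for can at least be detected after the fact, even if sshd cannot enforce it. As an added example (not from the thread or from OpenSSH), this Python check parses the sshd "Accepted <method> for <user> from <ip> port <port>" lines quoted above and flags any publickey acceptance for a user who has not yet logged in by password anywhere earlier in the log; the sample log lines are constructed.

```python
import re
from typing import List, Optional, Tuple

# Matches the sshd "Accepted" line quoted in the post, e.g.
# "sshd[18736]: Accepted publickey for joe from 123.456.789.012 port 34567 ssh2"
ACCEPTED_RE = re.compile(
    r"Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<ip>\S+) port (?P<port>\d+)"
)

def parse_accepted(line: str) -> Optional[Tuple[str, str, str, int]]:
    """Return (method, user, ip, port) for an 'Accepted' line, else None."""
    m = ACCEPTED_RE.search(line)
    if not m:
        return None
    return m.group("method"), m.group("user"), m.group("ip"), int(m.group("port"))

def find_unbootstrapped_pubkey_logins(lines: List[str]) -> List[Tuple[str, str]]:
    """Flag 'Accepted publickey' events for users with no earlier
    'Accepted password' login in the log. The per-user state persists
    across lines, so this is a cross-session check, which partial auth
    within a single session cannot express."""
    bootstrapped = set()          # users who have completed a password login
    flagged = []                  # (user, ip) of pubkey logins before that
    for line in lines:
        parsed = parse_accepted(line)
        if parsed is None:
            continue
        method, user, ip, _port = parsed
        if method == "password":
            bootstrapped.add(user)
        elif method == "publickey" and user not in bootstrapped:
            flagged.append((user, ip))
    return flagged

# Constructed sample log (not from the original thread); the address
# 123.456.789.012 is the post's own placeholder, not a valid IP.
SAMPLE_LOG = [
    "Apr  4 10:01:02 host sshd[18700]: Accepted password for alice from 10.0.0.5 port 40001 ssh2",
    "Apr  4 10:05:11 host sshd[18711]: Accepted publickey for alice from 10.0.0.5 port 40002 ssh2",
    "Apr  4 10:07:45 host sshd[18736]: Accepted publickey for joe from 123.456.789.012 port 34567 ssh2",
    "Apr  4 10:09:00 host sshd[18740]: Failed password for joe from 10.0.0.9 port 40003 ssh2",
]

if __name__ == "__main__":
    for user, ip in find_unbootstrapped_pubkey_logins(SAMPLE_LOG):
        print(f"publickey login for {user} from {ip} with no prior password login")
```

Feeding a real auth log through this (in file order) gives the list of "out of nowhere" pubkey logins the post describes; alice is not flagged because her password login precedes her key login.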