bugzilla-daemon at bugzilla.mindrot.org
2007-Nov-24 03:45 UTC
[Bug 1393] New: patch modifies gnome-ssh-askpass to optionally use one-time password
https://bugzilla.mindrot.org/show_bug.cgi?id=1393

           Summary: patch modifies gnome-ssh-askpass to optionally use one-time password
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: 4.7p1
          Platform: All
               URL: http://www.swcp.com/~pgsery
        OS/Version: Linux
            Status: NEW
          Keywords: patch
          Severity: enhancement
          Priority: P2
         Component: Miscellaneous
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: pgsery at swcp.com

Created an attachment (id=1383)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1383)
modifies gnome-ssh-askpass2.c to use one-time password

Patch modifies gnome-ssh-askpass to optionally generate a one-time password and transmit it via an out-of-band communication channel. If you can read the password and enter it back into the gnome-ssh-askpass dialog, ssh-agent is allowed to continue with the authentication process.

There are two ways to use the modified gnome-ssh-askpass. The first method incrementally increases the security provided by the ssh-agent/gnome-ssh-askpass combination. The second allows you to create two fully separated authentication factors - the private key and one-time password - without using a specialized hardware token.

Please see the README (www.swcp.com/~pgsery) for a detailed explanation and examples.

--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2007-Nov-25 14:21 UTC
[Bug 1393] patch modifies gnome-ssh-askpass to optionally use one-time password
https://bugzilla.mindrot.org/show_bug.cgi?id=1393

--- Comment #1 from Paul Sery <pgsery at swcp.com> 2007-11-26 01:20:57 ---

Created an attachment (id=1384)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1384)
Describes patch and provides examples
bugzilla-daemon at bugzilla.mindrot.org
2007-Nov-25 14:42 UTC
[Bug 1393] patch modifies gnome-ssh-askpass to optionally use one-time password
https://bugzilla.mindrot.org/show_bug.cgi?id=1393

Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
Attachment #1384   |application/octet-stream    |text/plain
         mime type |                            |
bugzilla-daemon at bugzilla.mindrot.org
2007-Nov-25 16:06 UTC
[Bug 1393] patch modifies gnome-ssh-askpass to optionally use one-time password
https://bugzilla.mindrot.org/show_bug.cgi?id=1393

--- Comment #2 from Darren Tucker <dtucker at zip.com.au> 2007-11-26 03:06:15 ---

(From update of attachment 1383)

>+#define OTAC_FIFO_LEN 32 /* max fifo name length */

This should probably be MAXPATHLEN (however see next comment).

>+ /* generate and transmit otac passphrase if env var set */
>+ otac_fifo=malloc(OTAC_FIFO_LEN);
>+ otac_fifo=getenv("SSH_OTAC_FIFO");

You malloc otac_fifo, then immediately overwrite it with the return value from getenv. The malloc is unnecessary (and a memory leak).

>+char *
>+write_otac_to_fifo(char *otac_fifo)

Since this is not exported, you can declare it static like the existing functions. Also, if you move it to before its caller you will not need a declaration line for it.

>+ int i,ran,nchars=52,otac_length=OTAC_PWD_LEN;
>+ char cpool[52]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

The "52" is a magic number. You can do without it by doing something like:

  char cpool[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
  size_t nchars = sizeof(cpool) - 1;

>+ srandom(time(0));

The time is not a secret. You should use arc4random instead of random. The downside of that is that you will need to link with libopenbsd-compat, libssh and libcrypto on platforms that do not have a native arc4random. Native arc4random does not require seeding, and the one in the compat library will seed itself if required.

>+ otac_passphrase=malloc(otac_length+1);

The return value of the malloc is not being checked for failure.

>+ for (i=0;i<otac_length;i++) {
>+ ran = random();
>+ otac_passphrase[i]=cpool[ran%nchars];

Because 2^32 is not divisible by nchars, the passphrase will have a tiny bias.

>+ otac_passphrase[otac_length] = 0;

Nit: strings are terminated by '\0' not 0.

>+ /* write otac password to fifo */
>+ if ( (out=fopen(otac_fifo,"w")) == NULL) {
>+ mkfifo(otac_fifo, 0660);
>+ out=fopen(otac_fifo,"w");
>+ }

There is no guarantee that this ends up opening the fifo. The first fopen can fail for some reason other than the fifo not existing (eg permissions). The mkfifo could also fail (permissions again) and the second fopen could also fail (eg permissions, or a race).

You might also like to match the format of the existing code better as it makes it easier to read (eg spaces between terms).
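Review bot: the fopen/mkfifo fallback in the last quoted fragment never handles a missing fifo, because fopen() with mode "w" creates a regular file when the path does not exist; the mkfifo() branch is only reached on other failures, and in the common case the one-time password is written to an ordinary file on disk rather than to a fifo. Create the fifo first (treating EEXIST as success), then open the path and fstat() the descriptor to confirm S_ISFIFO before writing. Note also that opening a fifo for writing blocks until a reader has opened the other end, so with no reader present the askpass dialog hangs; open(2) with O_WRONLY|O_NONBLOCK fails with ENXIO instead, which can be reported to the user.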
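An added example, not code from the attachment or from OpenSSH, showing the passphrase generator as the comments above ask for it: the pool length derived with sizeof instead of a magic 52, and rejection sampling so that the remainder of 2^32 divided by the pool size does not bias the output. It assumes /dev/urandom as a stand-in for arc4random() so that it builds without libopenbsd-compat; unbiased_index() and otac_generate() are names chosen here.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Pool without the magic "52": the length follows from sizeof (comment #2). */
static const char cpool[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
#define NCHARS ((uint32_t)(sizeof(cpool) - 1))

/* Map a uniform 32-bit value r to an index in [0, n) without the bias that
 * r % n alone has: the lowest (2^32 mod n) values are rejected so that the
 * accepted range is an exact multiple of n.  Returns -1 when r is rejected
 * and the caller must draw a fresh value. */
int unbiased_index(uint32_t r, uint32_t n)
{
	uint32_t min = (0u - n) % n;	/* == 2^32 mod n, computed in 32 bits */

	return (r < min) ? -1 : (int)(r % n);
}

/* Fill out[0..len-1] with pool characters and NUL-terminate out[len].
 * Assumption: /dev/urandom stands in for arc4random() so the example builds
 * without libopenbsd-compat.  Returns 0 on success, -1 on error. */
int otac_generate(char *out, size_t len)
{
	FILE *rnd = fopen("/dev/urandom", "rb");
	size_t i = 0;
	uint32_t r;
	int idx;

	if (rnd == NULL)
		return -1;
	while (i < len) {
		if (fread(&r, sizeof(r), 1, rnd) != 1) {
			fclose(rnd);
			return -1;
		}
		idx = unbiased_index(r, NCHARS);
		if (idx < 0)
			continue;	/* rejected draw: try again */
		out[i++] = cpool[idx];
	}
	out[len] = '\0';
	fclose(rnd);
	return 0;
}
```

For a 52-character pool only 48 of the 2^32 possible draws are rejected, so the retry loop almost never runs more than once per character.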
bugzilla-daemon at bugzilla.mindrot.org
2007-Dec-09 17:54 UTC
[Bug 1393] patch modifies gnome-ssh-askpass to optionally use one-time password
https://bugzilla.mindrot.org/show_bug.cgi?id=1393

--- Comment #3 from Paul Sery <pgsery at swcp.com> 2007-12-10 04:54:46 ---

Created an attachment (id=1390)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1390)
Updated gnome-ssh-askpass2.c/otac patch

Replaced random number generator placeholder with arc4random
Added arc4random dependencies to contrib gnome-ssh-askpass Makefile
General clean-up
bugzilla-daemon at bugzilla.mindrot.org
2007-Dec-09 17:58 UTC
[Bug 1393] patch modifies gnome-ssh-askpass to optionally use one-time password
https://bugzilla.mindrot.org/show_bug.cgi?id=1393

--- Comment #4 from Paul Sery <pgsery at swcp.com> 2007-12-10 04:58:03 ---

Created an attachment (id=1391)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1391)
gnome-ssh-askpass/contrib Makefile w/ arc4random dependencies

Adds arc4random dependencies to gnome-ssh-askpass/contrib Makefile (can't make it work w/o explicitly including vis.o dependency)
bugzilla-daemon at bugzilla.mindrot.org
2008-Jan-19 22:43 UTC
[Bug 1393] patch modifies gnome-ssh-askpass to optionally use one-time password
https://bugzilla.mindrot.org/show_bug.cgi?id=1393

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org

--- Comment #5 from Damien Miller <djm at mindrot.org> 2008-01-20 09:42:58 ---

What is the threat model that this is intended to defend against? It looks like it is supposed to stop someone who has gained access to my agent socket and can also answer the askpass confirm dialog. Is this correct?

BTW all the links at http://www.swcp.com/~pgsery return "forbidden" errors.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jan-21 22:26 UTC
[Bug 1393] patch modifies gnome-ssh-askpass to optionally use one-time password
https://bugzilla.mindrot.org/show_bug.cgi?id=1393

Paul Sery <pgsery at swcp.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pgsery at swcp.com

--- Comment #6 from Paul Sery <pgsery at swcp.com> 2008-01-22 09:26:45 ---

(In reply to comment #5)
> What is the threat model that this is intended to defend against. It
> looks like it is supposed to stop someone who has gained access to my
> agent socket and can also answer the askpass confirm dialog. Is this
> correct?

Yes. It's also designed to protect against a lost or stolen private key by creating a second authentication factor isolated from the ssh client. You first authenticate to the server using your key. The server then e-mails you a random password via an out-of-band channel. You're fully authenticated if you can correctly answer the challenge.

> BTW all the links at http://www.swcp.com/~pgsery return "forbidden"
> errors.

Fixed.