Mark Cavage
2011-Feb-08 23:19 UTC
Feature Request: Plugin Model for authorizing public keys
I would like to implement a feature whereby users can write their own plugins for authorizing use of a public key. I've got a private branch of this working, but would like feedback before submitting a patch (starting with whether the community would want this).

Essentially, I've added a line in sshd_config like:

    PubKeyPlugin ~/local/dev/plugin/libsshplugin.so/dylib

which dlopen()s said plugin and looks for a function that checks access for RSA public keys (function defined below). It would not be a stretch to add DSA et al., but I didn't want to bother unless this gets blessed. The function gets invoked in auth2-pubkey only if the authorized_keys file checks failed.

I did this as the only other functionality like this I saw were things like the LPK/Fed-SSH patches that assume one is running LDAP; this mechanism allows a user to run whatever arbitrary things they want to determine what keys map to what users (or by group, etc.).

Thank you!

    /**
     * NAME:
     *     int sshd_user_rsa_key_allowed(RSA *rsa, struct passwd *pwd, const char *fingerprint)
     *
     * DESCRIPTION:
     *     Determines whether or not the specified key is allowed to authenticate as the user in pwd
     *
     * INPUTS:
     *     RSA * rsa                   The RSA public key used by the remote party (signature check has already passed)
     *     struct passwd * pwd         The user record the remote party is attempting to log in as
     *     const char * fingerprint    MD5 fingerprint of the RSA public key (for convenience)
     *
     * OUTPUTS:
     *     [0]    Not Allowed
     *     [1]    Allowed
     *
     * NOTES:
     *     Developers are expected to link against OpenSSL, and include <openssl/rsa.h>.
     *     There is no dependency on OpenSSH.
     */
    int sshd_user_rsa_key_allowed(RSA *rsa, struct passwd *pwd, const char *fingerprint);
Mark Cavage
2011-Feb-09 00:03 UTC
Feature Request: Plugin Model for authorizing public keys
I would like to implement a feature whereby users can write their own plugins for authorizing use of a public key. I've got a private branch of this working, but would like feedback before submitting a patch (starting with whether the community would want this).

Essentially, I've added a line in sshd_config like:

    PubKeyPlugin ~/local/dev/plugin/libsshplugin.so

which dlopen()s said plugin and looks for a function that checks access for RSA public keys (function defined below). It would not be a stretch to add DSA et al., but I didn't want to bother unless this gets blessed. The function gets invoked in auth2-pubkey only if the authorized_keys file checks failed.

I did this as the only other functionality like this I saw were things like the LPK/Fed-SSH patches that assume one is running LDAP; this mechanism allows a user to run whatever arbitrary things they want to determine what keys map to what users (or by group, etc.).

Thank you!

    /**
     * NAME:
     *     int sshd_user_rsa_key_allowed(RSA *rsa, struct passwd *pwd, const char *fingerprint)
     *
     * DESCRIPTION:
     *     Determines whether or not the specified key is allowed to authenticate as the user in pwd
     *
     * INPUTS:
     *     RSA * rsa                   The RSA public key used by the remote party (signature check has already passed)
     *     struct passwd * pwd         The user record the remote party is attempting to log in as
     *     const char * fingerprint    MD5 fingerprint of the RSA public key (for convenience)
     *
     * OUTPUTS:
     *     [0]    Not Allowed
     *     [1]    Allowed
     *
     * NOTES:
     *     Developers are expected to link against OpenSSL, and include <openssl/rsa.h>.
     *     There is no dependency on OpenSSH.
     */
    int sshd_user_rsa_key_allowed(RSA *rsa, struct passwd *pwd, const char *fingerprint);
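The plugin interface described in both posts above, worked through as an added example that is not part of the proposal, the private branch, or OpenSSH. It implements the proposed sshd_user_rsa_key_allowed() entry point as a plugin that maps MD5 key fingerprints to user names from a site-wide text file. The map file path (PLUGIN_MAP_PATH) and its "<fingerprint> <username>" line format are assumptions invented for this example; sample map contents are constructed inline. The RSA type is only forward-declared (the same typedef OpenSSL uses) so the file builds without OpenSSL headers; a plugin that actually inspects the key would include <openssl/rsa.h> and link against libcrypto as the post notes.

```c
/* Added example (not code from the proposal or from OpenSSH): a minimal
 * PubKeyPlugin implementing the proposed sshd_user_rsa_key_allowed() hook
 * by mapping MD5 key fingerprints to user names.
 * Assumptions made up for this example: PLUGIN_MAP_PATH and the
 * "<fingerprint> <username>" line format of the map file.
 * RSA is only forward-declared (matching OpenSSL's typedef) so this file
 * builds without OpenSSL headers; a real plugin that inspects the key
 * would #include <openssl/rsa.h> and link against libcrypto. */
#include <ctype.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>

struct rsa_st;
typedef struct rsa_st RSA;

#define PLUGIN_MAP_PATH "/etc/ssh/pubkey_plugin_map"   /* hypothetical path */
#define MAP_MAX (64 * 1024)                             /* refuse larger maps */

/* Constructed sample map used by main() below; "# ..." lines are comments. */
static const char SAMPLE_MAP[] =
    "# <md5 fingerprint>                              <user>\n"
    "de:ad:be:ef:00:11:22:33:44:55:66:77:88:99:aa:bb alice\n"
    "c0:ff:ee:00:11:22:33:44:55:66:77:88:99:aa:bb:cc bob\n"
    "this line has too many fields and is ignored\n";

/* Case-insensitive comparison of two hex fingerprints. */
static int fp_equal(const char *a, const char *b)
{
    for (; *a != '\0' && *b != '\0'; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == '\0' && *b == '\0';
}

/* Returns 1 if `map` (one "<fingerprint> <username>" entry per line) grants
 * `fingerprint` to `user`, else 0.  Blank, comment, over-long and malformed
 * lines are skipped; the default answer is always "not allowed". */
int key_map_allows(const char *map, const char *fingerprint, const char *user)
{
    const char *line = map;
    while (*line != '\0') {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        char buf[256], fp[128], name[64], extra[2];
        if (len < sizeof(buf) && line[0] != '#') {
            memcpy(buf, line, len);
            buf[len] = '\0';
            /* Exactly two fields: a third field means a malformed line. */
            if (sscanf(buf, "%127s %63s %1s", fp, name, extra) == 2 &&
                fp_equal(fp, fingerprint) && strcmp(name, user) == 0)
                return 1;
        }
        if (nl == NULL)
            break;
        line = nl + 1;
    }
    return 0;
}

/* The entry point sshd would dlsym() after dlopen()ing the plugin.  Any
 * failure (bad arguments, unreadable, oversized or NUL-containing map)
 * denies: a broken map must fail closed, never open. */
int sshd_user_rsa_key_allowed(RSA *rsa, struct passwd *pwd, const char *fingerprint)
{
    (void)rsa;  /* signature already checked by sshd; key itself unused here */
    if (pwd == NULL || pwd->pw_name == NULL || fingerprint == NULL)
        return 0;
    FILE *f = fopen(PLUGIN_MAP_PATH, "r");
    if (f == NULL)
        return 0;
    static char map[MAP_MAX];
    size_t n = fread(map, 1, sizeof(map) - 1, f);
    fclose(f);
    map[n] = '\0';
    if (n == sizeof(map) - 1 || strlen(map) != n)
        return 0;
    return key_map_allows(map, fingerprint, pwd->pw_name);
}

int main(void)
{
    const char *alice_key = "de:ad:be:ef:00:11:22:33:44:55:66:77:88:99:aa:bb";
    printf("alice with her own key: %d\n", key_map_allows(SAMPLE_MAP, alice_key, "alice"));
    printf("bob with alice's key:   %d\n", key_map_allows(SAMPLE_MAP, alice_key, "bob"));
    return 0;
}
```

Built as a shared object (for example `cc -shared -fPIC -o libsshplugin.so plugin.c`), this is what the proposed PubKeyPlugin line would point at. Two points a reviewer of such a plugin would check: since the hook runs only after the authorized_keys checks have failed, it can only widen access, so every error path must return 0; and because sshd dlopen()s the object into its own privileged process, the file must be root-owned and not writable by anyone else, otherwise whoever can replace it gets code execution in sshd.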