Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin AT sources DOT redhat DOT com
X-Originating-IP: [66.47.32.124]
From: "Karl M" <karlm30 AT hotmail DOT com>
To: karlm30 AT hotmail DOT com, cygwin AT cygwin DOT com
Subject: Re: ssh Authentication--RSA/Password
Date: Wed, 04 Apr 2001 13:04:02 -0700
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <F193Y0VnkB4ltFlmmlQ000014b2@hotmail.com>
X-OriginalArrivalTime: 04 Apr 2001 20:04:02.0658 (UTC) FILETIME=[65034C20:01C0BD42]

Hi Corinna and All...

Consider the following...Suppose sshd were modified so that password 
authentication could succeed only if RSA authentication had almost succeeded 
(meaning that the RSA authentication itself succeeded but the setuid 
failed). Then the authentication sequence might look something like this:

Client and server try RSA authentication.

Server detects that RSA authentication succeeded but the setuid failed and 
sets a flag to remember this fact.

Server tells client that RSA authentication failed.

Client and server try password authentication.

Server checks the flag and only allows success if the flag is set. This 
might be controlled by setting passwordAuthentication to "maybe" instead of 
the usual "yes" or "no" in sshd_config.

The result is that I have typed both a passphrase and a password correctly 
in order to get in. This means that for any attacks by a listener on the 
internet, I have the security of RSA authentication--which I believe is 
better than most passwords. I also have the password needed to make life 
good (and easy) in the NT world.

Do you see any security holes?

Would this be of general interest?

Thanks,

...Karl

>From: "Karl M" <karlm30 AT hotmail DOT com>
>To: cygwin AT cygwin DOT com
>Subject: ssh Authentication--RSA/Password
>Date: Sun, 01 Apr 2001 09:29:10 -0700
>
>Hi Corinna and All...
>
>I need to allow multiple users to log on to a win2k system with ssh, but I
>am concerned about the security of allowing password authentication. I
>understand that curently you need to get the password to the sshd host so
>that the setuid can work and that this is why you use password
>authentication. You mentioned that some other software would be required to
>eliminate this need.
>
>How big a job is this and how would it work?
>
>Are you considering writing it in the future?
>
>Is there annother way we could get the password to the sshd host?
>
>I would be willing to type a passphrase and a password to log in. The
>passphrase would allow RSA authentication; the password would allow the
>setuid to work. Then I would disable password authentication in the
>sshd_config file. I would then have a secure authentication without 
>worrying
>(as much) about users selecting weak passwords. I don't see any security
>holes introduced by this, as the tunnel is open when we bring the password
>through.
>
>What are your thoughts?
>
>Thanks,
>
>...Karl
>_________________________________________________________________
>Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
>--
>Want to unsubscribe from this list?
>Check out: http://cygwin.com/ml/#unsubscribe-simple
>

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com


--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple