PRIVSEP annoys me.

Markus Friedl markus at openbsd.org
Sat Mar 29 04:39:55 EST 2003


what's the point of using a new message type if it's the same as
RSAAuthentication?

the stat() fails because the process that reads
from the network is chrooted.

check PRIVSEP() in auth-rsa.c to figure out how
RSAAuthentication works with PRIVSEP.

On Fri, Mar 28, 2003 at 03:42:06PM +0800, ???? ???? wrote:
> 
> I added a new authentication method to openssh called ICCAuthentication (IC
> card). When the server receives SSH_CMSG_AUTH_ICC, it reads the rsa public
> key file in the user's home dir (e.g. /home/peter/.icc/authorized_key), gets
> the pubkey, generates a 32-byte random number, encrypts it with the pubkey,
> and sends it to the client as a challenge, just like RSAAuthentication. The
> client then decrypts the challenge with the private key in the user's IC
> card, and sends a response to the server.
> 
> Here is the auth_icc_prepare_key() function in my auth-icc.c.
> This function gets the pubkey in the ~/.icc/authorized_key file.
> 
> int
> auth_icc_prepare_key(struct passwd *pw, Key **rkey)
> {
> 	char line[8192], file[MAXPATHLEN];
> 	u_char n_e[131];
> 	FILE *f;
> 	struct stat st;
> 	Key *key;
> 
> 	/* Temporarily use the user's uid. */
> 	temporarily_use_uid(pw);
> 
> 	/* The authorized key file. */
> 	snprintf( file, sizeof file, "%.500s/%.100s", pw->pw_dir,
> 			_PATH_SSH_USER_ICC_PERMITTED_KEY );
> 	
> 	debug("trying public RSA key file %s", file);
> 	
> 	/* Fail quietly if file does not exist. */
> 	/* If UsePrivilegeSeparation is yes, stat() always fails. */
> 	if (stat(file, &st) < 0) {
> 		debug("Public key file does not exist.");
> 		/* Restore the privileged uid. */
> 		restore_uid();
> 		return 0;
> 	}
> 	
> 	/* Open the file containing the authorized keys. */
> 	f = fopen(file, "r");
> 	if (!f) {
> 		packet_send_debug("Could not open file %.900s for reading.", file);
> 		packet_send_debug("If your home is on an NFS volume, "
> 		    "it may need to be world-readable.");
> 		/* Restore the privileged uid. */
> 		restore_uid();
> 		return 0;
> 	}
> 
> 	if (options.strict_modes &&
> 	    secure_filename(f, file, pw, line, sizeof(line)) != 0) {
> 		fclose(f);
> 		log("Authentication refused: %s", line);
> 		restore_uid();
> 		return 0;
> 	}
> 
> 	key = key_new(KEY_RSA);
> 
> 	/* 
> 	 * Get the public key from the file. If ok, perform a
> 	 * challenge-response dialog to verify that the user has
> 	 * the right IC card.
> 	 */
> 	if( fread( n_e, 131, 1, f ) < 1 ) {
> 		packet_send_debug("Read file %.900s error.", file);
> 		/* Release the key and the file before returning. */
> 		key_free(key);
> 		fclose(f);
> 		restore_uid();
> 		return 0;
> 	}
> 	key->rsa->n = BN_bin2bn( n_e, 128, NULL );
> 	key->rsa->e = BN_bin2bn( n_e+128, 3, NULL );
> 	
> 	/* Restore the privileged uid. */
> 	restore_uid();
> 
> 	/* Close the file. */
> 	fclose(f);
> 
> 	/* return key if allowed */
> 	if ( rkey != NULL ) {
> 		*rkey = key;
> 		return 1;
> 	} else {
> 		key_free(key);
> 		return 0;
> 	}
> }
> 
> Everything is ok if in sshd_config: "UsePrivilegeSeparation no".
> If I set "UsePrivilegeSeparation yes", the stat() in the function always
> returns <0, but the file does exist.
> I set the file as:
> /home/peter/.icc/authorized_key     peter.peter     rw-r--r--
> 
> Why in privsep the sshd cannot access the file?
> Please help me.
> Thank you.
> 
> xhtech. Beijing
> 
> 
> 
> 
> 
> 
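An added example (not OpenSSH code, and not part of this thread) of the pattern Markus points at: with privilege separation the process that talks to the network runs chrooted and unprivileged, so it must not touch the user's home directory itself. Instead it sends a request over a socketpair to the privileged monitor, which performs the stat() and returns only the answer. The names mon_req, mon_rep, monitor_answer, child_ask and privsep_check_key_file are hypothetical; OpenSSH's real dispatch lives in monitor.c and monitor_wrap.c, and this block only reproduces its shape. The monitor here refuses paths outside an allowed prefix, since the child is the side most likely to be compromised.

```c
/*
 * Added example, not OpenSSH code: a minimal monitor/child split.
 * The chrooted, unprivileged child never calls stat() itself; it asks
 * the privileged monitor over a socketpair and gets a verdict back.
 * All names here are hypothetical.
 */
#define _POSIX_C_SOURCE 200809L
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define MON_MAX_PATH 1024

struct mon_req { char path[MON_MAX_PATH]; };	/* child -> monitor */
struct mon_rep { int exists; long size; };	/* monitor -> child */

/* Stream sockets may deliver a message in pieces; loop until complete. */
static int
io_full(int fd, void *buf, size_t len, int do_write)
{
	char *p = buf;

	while (len > 0) {
		ssize_t n = do_write ? write(fd, p, len) : read(fd, p, len);
		if (n <= 0)
			return -1;
		p += n;
		len -= (size_t)n;
	}
	return 0;
}

/*
 * Privileged side. It answers exactly one question and only about paths
 * under allowed_prefix, so a compromised child cannot use the monitor to
 * probe the rest of the filesystem. Real code would add the same
 * secure_filename()-style ownership and mode checks the posted function has.
 */
static void
monitor_answer(int fd, const char *allowed_prefix)
{
	struct mon_req req;
	struct mon_rep rep = { 0, 0 };
	struct stat st;

	if (io_full(fd, &req, sizeof req, 0) != 0)
		return;
	req.path[MON_MAX_PATH - 1] = '\0';
	if (strncmp(req.path, allowed_prefix, strlen(allowed_prefix)) == 0 &&
	    strstr(req.path, "..") == NULL &&
	    stat(req.path, &st) == 0) {
		rep.exists = 1;
		rep.size = (long)st.st_size;
	}
	(void)io_full(fd, &rep, sizeof rep, 1);
}

/* Unprivileged side: the replacement for a direct stat() call. */
static int
child_ask(int fd, const char *path, long *size)
{
	struct mon_req req;
	struct mon_rep rep;

	memset(&req, 0, sizeof req);
	if (strlen(path) >= MON_MAX_PATH)
		return 0;
	strcpy(req.path, path);
	if (io_full(fd, &req, sizeof req, 1) != 0 ||
	    io_full(fd, &rep, sizeof rep, 0) != 0)
		return 0;
	if (size != NULL)
		*size = rep.size;
	return rep.exists;
}

/*
 * Run one whole exchange. Returns 1 if the monitor says the file exists,
 * 0 if not (or the path was refused), -1 on a setup error.
 */
int
privsep_check_key_file(const char *path, const char *allowed_prefix)
{
	int sv[2], status;
	pid_t pid;

	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
		return -1;
	pid = fork();
	if (pid < 0)
		return -1;
	if (pid == 0) {
		/* sshd would chroot() to an empty directory and drop
		 * privileges here; after that a direct stat(path) fails
		 * exactly as in the posted auth_icc_prepare_key(). */
		close(sv[0]);
		_exit(child_ask(sv[1], path, NULL) == 1 ? 0 : 1);
	}
	close(sv[1]);
	monitor_answer(sv[0], allowed_prefix);
	close(sv[0]);
	if (waitpid(pid, &status, 0) != pid)
		return -1;
	return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 1 : 0;
}

int
main(int argc, char **argv)
{
	const char *path = argc > 1 ? argv[1] : "/dev/null";

	printf("%s: monitor says exists=%d\n", path,
	    privsep_check_key_file(path, "/"));
	return 0;
}
```

The division of labour is the point: the child only ever learns "exists or not" for a path the monitor is willing to answer about, and all filesystem access stays in the process that has the rights to do it.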




More information about the openssh-unix-dev mailing list