Request for a Lockdown option

Steffen Nurpmeso steffen at sdaoden.eu
Sun Jul 14 12:44:34 AEST 2024


P.S.:

Steffen Nurpmeso wrote in
 <20240707025234.j3oUaPFH at steffen%sdaoden.eu>:
 |Steffen Nurpmeso wrote in
 | <20240704180538.iV4uex29 at steffen%sdaoden.eu>:
 ||Simon Josefsson wrote in
 || <87jzi1fg24.fsf at kaka.sjd.se>:
 |||Jochen Bern <Jochen.Bern at binect.de> writes:
 |||> (And since you mention "port knocking", I'd like to repeat how fond I
 |||> am of upgrading that original concept to a single-packet
 |||> crypto-armored implementation like fwknop.)
 |||
 |||I am reluctantly considering to use some kind of port knocking mechanism
 |||on some machines, however I really don't want to carry around shared
 ...
 |||Does anyone know of any implementation that allows me to configure a
 |||PGP/SSH/FIDO/TPM/whatever public key on the server side, and it then
 |||only listens to signed port knocks from the corresponding private keys?
 | ...
 ||No, but for many years i do have a super simple port-knock server
 ||to do the I/O plus sh(1)ell based client which can do .. whatever.
 | ...
 ||With the possibilities that ssh-keygen -Y sign|verify have added,
 ||one could easily adapt the server and client to send "user-name
 ||MSG", so that the server could look into authorized_keys of
 ||user-name and verify MSG, whatever that is.
 |
 |Hey!  That vision of yours, in conjunction with that -Y
 |possibility of ssh-keygen thrilled me so much i wrote a draft.
 ...

So no, despite the fact that this did not freeaddrinfo() and did not
correctly set the exit status twice (in early program state), i do not
like TCP and think TLS in addition makes it worse, with these
multiple packets back and forth.

I thus have built upon my old thing that i have used for years, and will
attach it.  It has a very simple UDP server (-lsocket on
OpenIndiana when doing "CC -o /sbin/s-port-knock-bin"), and
massively changed the script to produce packets like

 1. password encrypted by X509 pubkey (base64) + LF
 2. LF (gives us room to place a NUL upon receive)
 3. SSH signature cipher-encrypted with password in 1. (base64) + LF

I.e., after placing some SSH principals in /tmp/.Zsigs,

  cd /tmp/
  gcc -o ./zt ./s-port-knock-bin.c
  ./s-port-knock.sh create-server-key .Zkey

we can do

  PORT_KNOCK_BIN=/tmp/zt ./s-port-knock.sh \
    start-server -v 45045 \
    /tmp/s-port-knock.sh /tmp/.Zkey-pri.pem /tmp/.Zsigs

and in another window

  PORT_KNOCK_BIN=/tmp/zt ./s-port-knock.sh \
    knock localhost 45045 .Zkey-pub.pem SOME-PUB-SSH-KEY

and if that key is in .Zsigs it works.

One can create a MAGIC and overwrite the block and allow hooks by
starting the server (/ the client) with the environment variable
PORT_KNOCK_RC pointing to some file.  The environment is not
cleared, so that is passed through.  I.e.

  MAGIC=hallo
  act_block() { echo >&2 '.XRC blocking '$1; }
  act_allow() { echo >&2 '.XRC allowing '$1', principal: '$2; }

The magic is what SSH will create a signature for, fwiw.

Oh, and this does not work on OpenBSD for now, because they do not
know about the AI_V4MAPPED flag, .. wait .., i quickly added
C preprocessor shims.  However, (then) only IPv6 is supported for
now, there (untested, thus).  On FreeBSD it seems you need to set

  sysctl net.inet6.ip6.v6only=0

(look for rc.conf:ipv6_ipv4mapping="NO" and change, maybe).
On OpenIndiana, despite -lsocket, one should fill in the OPENSSL
variable with the right path right away, like this:

  PORT_KNOCK_BIN=/tmp/zt OPENSSL=/usr/openssl/3.1/bin/openssl \
    ./s-port-knock.sh knock localhost 45045 \
      /tmp/.Zkey-pub.pem SSH-PUBKEY

the rest works out of the box.

Anyhow, this approach i like much better than TLS.
It is a bit ugly that ssh-keygen does not give access to the PEM
version of the OpenSSL private key; on the other hand, encryption
only works for RSA (in the western world; libsodium, on the
other hand, would allow this for Ed25519 too, it seems, and i also
had a quick look at the report that claims this is a safe thing
to do, last week, but i am not a cryptographer and thus i would
not do that, despite the fact that this is libsodium only; yes,
there is an OpenSSL thing open for long, but it seems they talk(ed)
him down .. i dunno, really).  And the Chinese algorithm, that
much is plain, cannot be generated by OpenSSL (yet), and not
portably anyway.

I will attach these, i like them.  Maybe i find time to make the
OpenBSD variant work for IPv4 and IPv6, but i think it needs two
sockets and select(2), so this is a bit of work.

Ciao, and a nice Sunday everybody.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: s-port-knock.sh
Type: text/x-shellscript
Size: 9209 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20240714/946a8e24/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: s-port-knock-bin.c
Type: text/x-csrc
Size: 9707 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20240714/946a8e24/attachment-0003.bin>
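As an added example, not the poster's attached s-port-knock.sh or s-port-knock-bin.c: a POSIX shell reconstruction of the three-line packet described above and of the server-side check with ssh-keygen -Y verify against an allowed-signers list (the mail's .Zsigs). It assumes openssl(1) and ssh-keygen(1) with -Y support are in PATH; the signature namespace, the principal name "alice" and the OAEP padding are this example's own choices.

```shell
#!/bin/sh
# Added example, not the list poster's script: rebuild the three-line knock
# payload and check it the way the server side would.  Assumes openssl(1)
# and ssh-keygen(1) with -Y in PATH; namespace, principal and OAEP padding
# are assumptions of this example.
set -eu
W=$(mktemp -d); trap 'rm -rf "$W"' EXIT
MAGIC=hallo        # the string the SSH key signs (MAGIC in PORT_KNOCK_RC)
NS=s-port-knock    # ssh-keygen -Y signature namespace (assumed)
OAEP='-pkeyopt rsa_padding_mode:oaep'

# Server: "create-server-key" style RSA pair; clients get the public half.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
  -out "$W/srv-pri.pem" 2>/dev/null
openssl pkey -in "$W/srv-pri.pem" -pubout -out "$W/srv-pub.pem"
# Client: SSH key; the server's principal list (.Zsigs) names its public half.
ssh-keygen -q -t ed25519 -N '' -C '' -f "$W/id_ed25519"
printf 'alice %s\n' "$(cut -d' ' -f1,2 "$W/id_ed25519.pub")" > "$W/allowed_signers"

# Client side: emit the packet on stdout.
#  1. fresh password, RSA-encrypted to the server key, base64, + LF
#  2. empty line (the server overwrites this LF with a NUL on receive)
#  3. SSH signature over MAGIC, cipher-encrypted with the password, base64, + LF
make_knock() {
  pw=$(openssl rand -hex 16)
  printf %s "$MAGIC" > "$W/msg"
  ssh-keygen -q -Y sign -f "$W/id_ed25519" -n "$NS" "$W/msg"   # writes msg.sig
  printf %s "$pw" | openssl pkeyutl -encrypt -pubin -inkey "$W/srv-pub.pem" $OAEP |
    openssl base64 -A
  printf '\n\n'
  openssl enc -aes-256-cbc -pbkdf2 -pass "pass:$pw" -in "$W/msg.sig" |
    openssl base64 -A
  printf '\n'
}

# Server side: $1 is the received packet, $2 the claimed principal.
# Exits 0 only when the signature over MAGIC verifies for that principal.
verify_knock() {
  pw=$(printf '%s\n' "$1" | sed -n 1p | openssl base64 -d -A |
       openssl pkeyutl -decrypt -inkey "$W/srv-pri.pem" $OAEP)
  printf '%s\n' "$1" | sed -n 3p | openssl base64 -d -A |
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "pass:$pw" -out "$W/recv.sig"
  printf %s "$MAGIC" |
    ssh-keygen -q -Y verify -f "$W/allowed_signers" -I "$2" -n "$NS" -s "$W/recv.sig"
}
```

Run `P=$(make_knock); verify_knock "$P" alice` to see a valid knock accepted; the same packet is rejected for a principal that is not in the allowed-signers file.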