openssh, pam, challenge-response problem

Darren Tucker dtucker at zip.com.au
Tue Sep 8 22:24:08 EST 2009 

Skalak Zdenek wrote:
> Hello,
> 
>     when configuring the OpenSSH to authenticate through pam_radius, I 
> encountered the following problem:
> 
>     The radius server is configured to accept username and generic 
> password, it then generates some textual string as a challenge-request 
> and waits again for username and this time for challenge-response.
> 
>     Pam_radius use pam->conv function, retrieved with 
> pam_get_item(PAM_COM), with challenge-request and type 
> PAM_PROMPT_ECHO_ON, to present the challenge-request to user and to 
> retrieve the challenge-response.
> 
>     OpenSSH sets the PAM_CONV function to sshpam_passwd_conv() (defined 
> in pam_auth.c). But this function doesn't have implemented the 
> PAM_PROMPT_ECHO_ON flavor, and returns the PAM_CONV_ERROR :-(
> 
>     It should be possible to implement the PAM_PROMPT_ECHO_ON 
> conversation either with read()/write() or with 
> fdopen()/fprintf()/fgets()/fclose() (as is done similary for stdin in 
> sshpam_tty_conv()), but we need the socket. The only way to pass the 
> information into the pam module is by Authctxt structure. So we need to 
> add the "int socket" field into the Convctxt structure and then use it 
> (if not set to -1) for challenge-response authentication.
> 
>     Sounds possible?

No.  At the authentication stage there's no connection to the user other 
than the encrypted channel, so there's no place to write plaintext to. 
If you did manage to write to the socket connected to the client it 
would almost certainly kill the connection with a MAC failure.

That said, what you're describing *should* work with the SSH2 
keyboard-interactive authentication type, which was designed to do 
exactly this type of multiple-step challenge-response.

Does "ssh -2 -o PreferredAuthentications=keyboard-interactive 
yourserver" work?  If so, you can just disable PasswordAuthenticaton in 
sshd_config and leave ChallengeResponseAuthentication enabled.  If not, 
what does the client give with "-vvv", and what does the server give 
with debugging (-ddde) enabled?

The next problem you may have is that sshd doesn't allow changes of 
username in the middle of an authentication.  There's more information 
(but no ideal solution) at 
https://bugzilla.mindrot.org/show_bug.cgi?id=1215.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list