Looking for Special Challenge-Response Auth PAM Module, or Similar

Brian Candler b.candler at pobox.com
Wed Aug 24 00:56:38 AEST 2022

On 23/08/2022 14:15, Jochen Bern wrote:
> What I'm looking for is a solution where the appliance would prompt 
> with a *randomly chosen* challenge, random enough to make it 
> unfeasible to try and wait for the challenge to repeat, the technician 
> types the challenge into some device of his own (laptop, if need be), 
> types the response displayed back into the appliance, and hey, nice 
> camera you have there making an *entirely useless* recording.
> Would anyone here happen to know of such a beast? 

You mean something like SCRAM implemented as a PAM module?  I can't 
think of one off hand, but there's always pam_exec which is pretty easy 
to plug into.

It might be possible to use pam_sasl 
<http://www1.maths.leeds.ac.uk/~pmtvlm/pam-sasl.html> together with a 
SASL challenge-response auth method 
like SCRAM.

You mentioned Yubikeys.  Depending on the flavour of key, they implement 
a range of different auth methods, some of which are suitable for 
keyboard use; that is, you don't need to plug them directly into the 
target system.

You've already ruled out Yubi OTP mode and HOTP mode, but there is also 
an HMAC-SHA1 type of challenge-response.  I found two modules: the 
official module 
and http://www.average.org/chal-resp-auth/. Both are stateful to avoid 
storing the secret in cleartext on the server, so may suffer from the 
same replay attacks you discussed - but I haven't investigated in 
detail.  It might be possible to use the same secret on all targets, but 
seed them with different challenges.

Aside: I did once play with a PAM module which allows manual U2F 
challenge/response over ssh keyboard-interactive authentication. What 
happened was, you'd connect via ssh and it would spit out a long 
challenge. You paste this into a local client app, and press the button 
on your U2F key.  The client spits out a long response, and you paste it 
back into the ssh session.  Bingo.

It did actually work - but unfortunately the strings were way too long 
to be practical over a KVM without copy-paste.

Ah yes... even documented it on github :-)
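The random-challenge / HMAC-SHA1 exchange discussed above, as an added worked example that is not part of this thread or of either PAM module mentioned. It simulates both sides in one process: the appliance draws a fresh 160-bit challenge from the OS CSPRNG, the technician's device answers with HMAC-SHA1 over the challenge (the computation a YubiKey HMAC-SHA1 slot performs; the variable-length input mode is assumed here), and the appliance recomputes and compares in constant time. The shared secret `DEMO_SECRET` and the function names are illustrative assumptions. The last function shows why a camera recording of earlier sessions is useless: a replayed response never matches a new random challenge.

```python
import hashlib
import hmac
import secrets

# Constructed 20-byte shared secret for this demo only (assumption: in practice
# it is programmed into the key's HMAC-SHA1 slot and stored on the appliance).
DEMO_SECRET = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f00f1e2d3c")

CHALLENGE_BYTES = 20  # 160-bit random challenge: waiting for a repeat is infeasible


def make_challenge() -> str:
    """Appliance side: draw a fresh, unpredictable challenge and show it as hex."""
    return secrets.token_hex(CHALLENGE_BYTES)


def client_response(secret: bytes, challenge_hex: str) -> str:
    """Technician's device: HMAC-SHA1 over the raw challenge bytes.

    This is the same computation a YubiKey HMAC-SHA1 challenge-response slot
    performs (assumption: variable-length input mode, challenge passed as bytes).
    """
    challenge = bytes.fromhex(challenge_hex.strip())
    return hmac.new(secret, challenge, hashlib.sha1).hexdigest()


def verify(secret: bytes, challenge_hex: str, response_hex: str) -> bool:
    """Appliance side: recompute the expected response and compare in
    constant time, so timing does not leak how many hex digits matched."""
    expected = client_response(secret, challenge_hex)
    return hmac.compare_digest(expected, response_hex.strip().lower())


def run_login(secret: bytes, respond) -> tuple[str, str, bool]:
    """One authentication round: issue a challenge, obtain the typed-back
    response through `respond(challenge)`, and verify it.

    Returns (challenge, response, accepted) so a caller can log or assert on it.
    """
    challenge = make_challenge()
    response = respond(challenge)
    return challenge, response, verify(secret, challenge, response)


def replay_attack_succeeds(secret: bytes, recorded: list[tuple[str, str]]) -> bool:
    """Attacker who filmed earlier (challenge, response) pairs tries each
    recorded response against a brand-new challenge.

    Every attempt fails because the HMAC is bound to the challenge that was
    actually issued, which is why the recording is useless.
    """
    fresh_challenge = make_challenge()
    return any(verify(secret, fresh_challenge, old_resp) for _, old_resp in recorded)


if __name__ == "__main__":
    # Honest technician: computes the response with the shared secret.
    technician = lambda c: client_response(DEMO_SECRET, c)
    c, r, ok = run_login(DEMO_SECRET, technician)
    print(f"challenge={c}\nresponse ={r}\naccepted ={ok}")

    # Camera operator replays what they saw in three earlier sessions.
    recorded = [run_login(DEMO_SECRET, technician)[:2] for _ in range(3)]
    print("replay works:", replay_attack_succeeds(DEMO_SECRET, recorded))
```

The response is 40 hex characters and the challenge another 40, which is still a lot to retype over a KVM without copy-paste; shortening either (truncating the HMAC, or using a smaller challenge) trades typing effort directly for guessing resistance, so any such change should be sized deliberately rather than by convenience.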
