Feature - Password over Pubkey auth

Alexander Bokovoy ab at samba.org
Mon Aug 4 19:38:00 AEST 2025


On Mon, 04 Aug 2025, Eduardo Suarez-Santana via openssh-unix-dev wrote:
> On Mon, Aug 04, 2025 at 10:58:10AM +0300, Alexander Bokovoy wrote:
> > On Sun, 03 Aug 2025, Eduardo Suarez-Santana via openssh-unix-dev wrote:
> > > Hi,
> > > 
> > > this is just an idea.
> > > 
> > > I've observed that password authentication typically passes through the
> > > server-side PAM authentication modules. This may be useful for instance to
> > > unlock an encrypted home directory using the user's password.
> > > 
> > > On the other side, public key authentication may be run passwordless from the
> > > client, which is also a great feature, but it does not allow to unlock the home
> > > directory.
> > > 
> > > I wonder whether a hybrid authentication method could be implemented, where
> > > the password of the user is stored along with the authorized public key in the
> > > server, but instead of storing it in plain text, it would be stored encrypted
> > > with the public key.
> > 
> > This already can be achieved by specifying multiple values in
> > AuthenticationMethods option. The documentation even provides this
> > example:
> > 
> >     For example, "publickey,password publickey,keyboard-interactive"
> >     would require the user to complete public key authentication, followed
> >     by either password or keyboard interactive authentication.
> 
> Please correct me if I'm wrong, but as far as I understand, that way the user
> would have to enter the password anyway after the public key authentication,
> which is not what I meant.

Correct. Two authentication methods would be required.


> What I was thinking is that the user could for instance use only the ssh agent
> to log in for passwordless access. However the server would still receive the
> password and process the auth PAM modules. I believe that this could even work
> when using PKCS#11.

An SSH client may ask to sign a blob using a particular key and get a
response to use against the server. There is nothing else there except
key management.

If you would want to request and pass additional information (a
password), you'd need to develop a set of extensions to both the server
and the client. A client would be triggered to pass the extension (and
would request a secret), do something against the server over that
extension, and then the server would do its side of the extension
processing.

If not modifying OpenSSH, we could combine several factors here. For
example, we can rely on the PAM stack to unlock with a password passed
through it with `AuthenticationMethods "publickey,keyboard-interactive"`.
A PAM module can use that password to unlock the home. This would be
transparent to OpenSSH.

-- 
/ Alexander Bokovoy
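As an added illustration of the `AuthenticationMethods` combination discussed in the reply above (example code, not from the thread or from OpenSSH): a small checker that applies sshd_config's first-value-wins rule and reports whether every permitted login path still forces a password through PAM. The config snippets are constructed, and Match blocks are deliberately not modelled (an assumption, noted in the code).

```python
"""Check whether an sshd_config makes the PAM stack see a password on every login."""
import re
import shlex

def parse_sshd_config(text):
    """Return {keyword.lower(): value} using sshd's rule that the first
    value obtained for a keyword wins. Assumption: Match blocks are not
    modelled, so parsing stops at the first one."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments/blank lines
        m = re.match(r"(\S+?)(?:\s+|=)\s*(.*)$", line)
        if not m:
            continue
        key, rest = m.group(1).lower(), m.group(2)
        if key == "match":
            break
        # shlex strips the quotes around multi-alternative method lists
        conf.setdefault(key, " ".join(shlex.split(rest, posix=True)))
    return conf

def check(conf):
    """List the reasons a login could finish without PAM receiving a password."""
    findings = []
    if conf.get("usepam", "no") != "yes":                # sshd default: UsePAM no
        findings.append("UsePAM is not yes, so PAM auth modules never run")
    methods = conf.get("authenticationmethods", "any")
    if methods == "any":
        return findings + ["AuthenticationMethods unset: key-only login skips PAM"]
    for alt in methods.split():                          # alternatives are space-separated
        steps = [s.split(":")[0] for s in alt.split(",")]  # drop device suffixes like :pam
        if "publickey" not in steps:
            findings.append(f"{alt}: no publickey step, key/agent not required")
        if "keyboard-interactive" in steps:
            if conf.get("kbdinteractiveauthentication", "yes") != "yes":
                findings.append(f"{alt}: keyboard-interactive is disabled")
        elif "password" in steps:
            if conf.get("passwordauthentication", "yes") != "yes":
                findings.append(f"{alt}: password auth is disabled")
        else:
            findings.append(f"{alt}: no password step, PAM never sees a password")
    return findings

# Constructed sample configs: the combination from the reply, and a broken one
# where a later AuthenticationMethods line is silently ignored (first value wins).
GOOD = "UsePAM yes\nKbdInteractiveAuthentication yes\nPasswordAuthentication no\n" \
       "AuthenticationMethods publickey,keyboard-interactive\n"
BAD = "UsePAM yes\nAuthenticationMethods publickey\n" \
      "AuthenticationMethods publickey,keyboard-interactive  # never used\n"
```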

