
ssh: add support for server side multi-step authentication

Open drakkan opened this issue 5 years ago • 13 comments

  • add ErrPartialSuccess. Authentication callbacks must return this error for multi-step authentication when a specific authentication step succeeds
  • add PartialSuccessMethods to ConnMetadata interface, it returns the ordered list of authentication methods that returned ErrPartialSuccess. It can be used inside callbacks to find if a multi-step authentication is done using the correct sequence and to return the authentication methods that can continue
  • add NextAuthMethodsCallback, this callback is called when an authentication callback returns ErrPartialSuccess or if, after an initial partial success, an authentication step fails. It must return the list of authentication methods that can continue.

This way an application can define per-user multi-step authentication.

Fixes #17889

drakkan avatar Apr 09 '20 21:04 drakkan

This PR (HEAD: 2aafde1f2d6de5ede3d7d4b45a6fed378b77f9a9) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/crypto/+/227781 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off) See the Wiki page for more info

gopherbot avatar Apr 09 '20 21:04 gopherbot

This PR (HEAD: aed7e1740ca2f1e66517c1368ee0acd9c06b4004) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/crypto/+/227781 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off) See the Wiki page for more info

gopherbot avatar May 16 '20 13:05 gopherbot

This PR (HEAD: 83446a08cde28514db3f71ff25cb08d17b84bc7f) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/crypto/+/227781 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off) See the Wiki page for more info

gopherbot avatar May 17 '20 12:05 gopherbot

There's a pretty significant security issue in the current implementation.

If PublicKeyCallback returns ErrPartialSuccess, a client will be able to authenticate by presenting any public key without proving that it possesses the corresponding private key.

This is because the client can first query if a key is acceptable before it signs anything.

https://github.com/golang/crypto/blob/2aafde1f2d6de5ede3d7d4b45a6fed378b77f9a9/ssh/server.go#L577-L586

candidate.result == nil needs to be candidate.result == nil || candidate.result == ErrPartialSuccess.

tt avatar May 24 '20 07:05 tt
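The flaw tt reports, and the partial-success semantics from the PR description, modelled as an added example. This is not code from golang/crypto or from this PR and it does not import golang.org/x/crypto/ssh: the names ErrPartialSuccess and PartialSuccessMethods are taken from the PR text, the request shapes, the server struct and the key string are constructed here, and the `fixed` flag switches between the query check tt quotes and the one he proposes.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrPartialSuccess is a local stand-in, named as in the PR text, for the
// sentinel a callback returns when its step passed but more steps are needed.
var ErrPartialSuccess = errors.New("ssh: partial success, further authentication required")

// Outcome is what the server does with one "publickey" USERAUTH_REQUEST.
type Outcome int

const (
	Rejected    Outcome = iota // USERAUTH_FAILURE, no progress
	ProbeOK                    // USERAUTH_PK_OK: key acceptable, client must now sign
	StepSuccess                // the publickey step counts as passed
)

func (o Outcome) String() string { return [...]string{"Rejected", "ProbeOK", "StepSuccess"}[o] }

// pkRequest models the two shapes of a publickey request (RFC 4252 section 7):
// a query carrying no signature, and a signed request.
type pkRequest struct {
	Query    bool   // true: "would this key be acceptable?", nothing is signed
	Key      string // stand-in for the marshalled public key blob
	SigValid bool   // result of pubKey.Verify on a signed request
}

type authServer struct {
	publicKeyCallback func(key string) error
	fixed             bool     // false reproduces the query check tt describes
	partial           []string // methods that returned ErrPartialSuccess, in order
}

// PartialSuccessMethods mirrors the ConnMetadata accessor the PR proposes.
func (s *authServer) PartialSuccessMethods() []string { return s.partial }

// handlePublicKey returns the outcome plus the error the auth loop would
// inspect afterwards (nil, ErrPartialSuccess or a hard failure).
func (s *authServer) handlePublicKey(req pkRequest) (Outcome, error) {
	result := s.publicKeyCallback(req.Key)
	if req.Query {
		accept := result == nil
		if s.fixed {
			accept = result == nil || errors.Is(result, ErrPartialSuccess)
		}
		if accept {
			return ProbeOK, nil // ask the client to prove possession by signing
		}
		// Unfixed path: a non-nil result becomes the step's verdict even
		// though no signature was checked, so ErrPartialSuccess counts as passed.
		return s.record(result)
	}
	if !req.SigValid {
		return Rejected, errors.New("ssh: signature does not verify")
	}
	return s.record(result)
}

// record applies the PR's three-way reading of a callback result.
func (s *authServer) record(result error) (Outcome, error) {
	switch {
	case result == nil:
		return StepSuccess, nil
	case errors.Is(result, ErrPartialSuccess):
		s.partial = append(s.partial, "publickey")
		return StepSuccess, ErrPartialSuccess
	default:
		return Rejected, result
	}
}

// Constructed authorized key: the callback accepts it but demands more steps.
const aliceKey = "ssh-ed25519 AAAA...alice"

func newServer(fixed bool) *authServer {
	return &authServer{fixed: fixed, publicKeyCallback: func(key string) error {
		if key == aliceKey {
			return ErrPartialSuccess
		}
		return errors.New("ssh: unknown public key")
	}}
}

// Probe sends only the query for a key the caller cannot sign with and reports
// the outcome together with the methods the server now counts as passed.
func Probe(fixed bool) (Outcome, []string) {
	s := newServer(fixed)
	out, _ := s.handlePublicKey(pkRequest{Query: true, Key: aliceKey})
	return out, s.PartialSuccessMethods()
}

// Sign runs the legitimate two-request sequence: query, then signed request.
func Sign(fixed bool, sigValid bool) (Outcome, []string) {
	s := newServer(fixed)
	s.handlePublicKey(pkRequest{Query: true, Key: aliceKey})
	out, _ := s.handlePublicKey(pkRequest{Key: aliceKey, SigValid: sigValid})
	return out, s.PartialSuccessMethods()
}

func main() {
	for _, fixed := range []bool{false, true} {
		out, steps := Probe(fixed)
		fmt.Printf("fixed=%-5v query only      -> %-11v passed=%v\n", fixed, out, steps)
		out, steps = Sign(fixed, true)
		fmt.Printf("fixed=%-5v valid signature -> %-11v passed=%v\n", fixed, out, steps)
	}
}
```

With the unfixed check, Probe records "publickey" as a passed step on the strength of a query alone, so anyone holding a user's public key (which is not secret) advances the multi-step sequence without ever signing. With the fixed check the query is answered with PK_OK and nothing is recorded until a signed request verifies. The general rule this illustrates: the query phase of the publickey method is a capability probe, not proof of possession, and any non-failure result of the callback must be answered with PK_OK rather than fed into the authentication state.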

This PR (HEAD: 6d02a9b2fff0b8213b4ca6cec2496cdfe30365ea) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/crypto/+/227781 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off) See the Wiki page for more info

gopherbot avatar May 24 '20 09:05 gopherbot

There's a pretty significant security issue in the current implementation.

If PublicKeyCallback returns ErrPartialSuccess, a client will be able to authenticate by presenting any public key without proving that it possesses the corresponding private key.

This is because the client can first query if a key is acceptable before it signs anything.

https://github.com/golang/crypto/blob/2aafde1f2d6de5ede3d7d4b45a6fed378b77f9a9/ssh/server.go#L577-L586

candidate.result == nil needs to be candidate.result == nil || candidate.result == ErrPartialSuccess.

this should be fixed now, thanks for reporting

drakkan avatar May 24 '20 09:05 drakkan

Message from Dan Peterson:

Patch Set 4: Run-TryBot+1


Please don’t reply on this GitHub thread. Visit golang.org/cl/227781. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Aug 21 '20 12:08 gopherbot

Message from Gobot Gobot:

Patch Set 4:

TryBots beginning. Status page: https://farmer.golang.org/try?commit=9080eac4

gopherbot avatar Aug 21 '20 12:08 gopherbot

Message from Gobot Gobot:

Patch Set 4: TryBot-Result+1

TryBots are happy.

gopherbot avatar Aug 21 '20 12:08 gopherbot

Are there plans to accept this PR, or alternatively add server side multi auth via another PR?

I am very eagerly waiting for this feature, and can offer my help in reviewing this PR, if that will speed up the acceptance process!

samiponkanen avatar Sep 14 '20 15:09 samiponkanen

Message from Sami Pönkänen:

Patch Set 4:

(1 comment)

gopherbot avatar Sep 17 '20 19:09 gopherbot

Message from Go Bot:

Patch Set 4:

TryBots beginning. Status page: https://farmer.golang.org/try?commit=9080eac4

gopherbot avatar Oct 15 '20 03:10 gopherbot

Message from Go Bot:

Patch Set 4: TryBot-Result+1

TryBots are happy.

gopherbot avatar Oct 15 '20 03:10 gopherbot