RE: PAM module for client/server application

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Good morning. I have replied inline. My responses may be very detailed. This is due to your questions not providing any context in regards to your client/server application. If I had more details on that I could provide one simple answer of how to proceed.
________________________________________
From: pam-list-bounces@xxxxxxxxxx [pam-list-bounces@xxxxxxxxxx] on behalf of Claude Brisson [claude@xxxxxxxxxxx]
Sent: Friday, September 12, 2014 4:15 AM
To: pam-list@xxxxxxxxxx
Subject: PAM module for client/server application

Hi.

Among the forest of all available PAM modules in standard linux distros,
I was unable to identify the one I should use to fulfill my need:

I'm developing a client/server application that needs authentication.
I'd like this authentication to be handled by PAM. For instance, if I
want to rely on linux shadow passwords for existing accounts, I'll have
my server belong to the "shadow" group and use the "auth-common" module.
So far, so good.

Typically you should not have any user accounts assigned to the 'shadow' group. PAM modules have access to the getpwnam functions as they are executed within the root user context. For help in manually accessing the local password database please reference the man pages for getpwnam (http://linux.die.net/man/3/getpwnam).

But I cannot use SSL or TLS for the client/server protocol, so I have to
encrypt the user password. In such situations, I'd usually have the
server send a one-time challenge, and the client respond
sha1(pass+challenge). Or, if the pass is itself encrypted in the
database, let say by some hash() function, the client would answer
sha1(hash(pass)+challenge), and the server, knowing the real pass, can
check authentication.

Technically you should use a one time pad cipher for the most secure configuration. The problem with this is that it requires both ends have previously established a shared secret while using a symmetric encryption cipher such as AES in CTX mode.

Using an asymmetric encryption cipher such as RSA &/or DH (diffie hellman) requires a key exchange which can lead to an insecure communication channel if an attacker is monitoring the initial key exchange. If this is what you wish to use I would suggest using the OpenSSL API to establish a secure communications channel for the key exchange. For more information using their API please refer to the 'Usage & Programming' section http://wiki.openssl.org/index.php/Main_Page#Usage_and_Programming. Or if you need more information regarding the various principals of using encryption for key exchanges etc the 'Concepts & Theory' sections can provide that information. http://wiki.openssl.org/index.php/Main_Page#Usage_and_Programming.

If you are unable to use SSL/TLS perhaps you should implement the Kerberos PAM module (pam_krb5) which implements your above suggested solution in a cryptographically secure manner.

My understanding is that I *have* to give the provided password as is to
PAM, because I don't have any mean of telling PAM *how* it should be
compared to the stored password. Put it in another way, I cannot tell
PAM "here is my <challenge>, the user provided
<sha1(hash(pass)+challenge)>, please check that".

The pam library you will link against during compile has methods for accessing the user supplied credentials. For more information on how to use the PAM API please review the developers guide at http://www.linux-pam.org/Linux-PAM-html/Linux-PAM_ADG.html

And so, it means the only solution is to encrypt the password with a
reversible encryption function and not with a hash. Am I right?

Technically correct. However due to using an insecure communications channel (I.E. no TLS/SSL wrapping the payload of the communication stream in a secure RSA/DH key exchange) a MITM (man in the middle) scenario will present itself.

Because I am unsure of your actual problem. I recommend use of the pam_krb5 module for authentication as a 'roll your own crypto solution' will only serve to create a liability for your password handling in the future. Using libraries that have been developed specifically for these problems (see pam_krb5, pam_ldap, etc).

Hope this helps.

Thanks,

   Claude


_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list




[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux