Re: PAM module for client/server application

On 12/09/14 11:15, Claude Brisson wrote:
> But I cannot use SSL or TLS for the client/server protocol

I would recommend solving that, or using some other
confidentiality/integrity layer like SSH. For your protocol to have a
purpose, its users are presumably transferring something useful or
important between the client and the server, other than the password
itself. Any non-password data transferred between your client and server
will be subject to eavesdropping (unless you have a confidentiality
layer and some sort of protection from man-in-the-middle attacks) and
undetected modification (unless you have an integrity layer).

With that warning out of the way...

> so I have to
> encrypt the user password. In such situations, I'd usually have the
> server send a one-time challenge, and the client respond
> sha1(pass+challenge).

... it sounds as though what you need is a PAM module that implements
some sort of challenge-response, instead of using "ordinary passwords".
You could find one, or write one.

Of the many PAM modules in Debian, libpam-dynalogin,
libpam-google-authenticator, libpam-oath, libpam-otpw, libpam-yubico,
libpam-barada and libpam-duo look relevant to this: they all implement
some sort of one-time-password scheme.

If you are not a security/cryptography expert, I would suggest that a
standard scheme like HOTP, TOTP or SCRAM is likely to be more secure
than something you have written yourself.

    S

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
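
As an added illustration, not part of the original message: the HOTP scheme the reply recommends, implemented in Python from RFC 4226 together with a server-side verifier that tolerates a small counter look-ahead window and advances the counter on success so an observed code cannot be replayed. The secret is RFC 4226's own test-vector key; the `HotpVerifier` class and its `window` parameter are this example's own names, not a PAM or library API.

```python
import hmac
import hashlib
import struct

# RFC 4226 Appendix D test key (ASCII "12345678901234567890"), used as sample input.
RFC4226_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP(K, C) per RFC 4226: HMAC-SHA1, dynamic truncation, modulo 10^digits."""
    msg = struct.pack(">Q", counter)  # 8-byte big-endian moving factor
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = mac[19] & 0x0F  # low nibble of the last byte picks a 4-byte window
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class HotpVerifier:
    """Server-side state for one user: shared secret plus the next expected counter.

    This is the example's own helper (assumed name), showing what a
    challenge-response PAM module has to keep per user.
    """

    def __init__(self, secret: bytes, counter: int = 0, window: int = 5):
        self.secret = secret
        self.counter = counter  # next counter value the server expects
        self.window = window    # how many skipped client presses we tolerate

    def verify(self, code: str) -> bool:
        """Accept a code within [counter, counter + window], then advance past it."""
        for c in range(self.counter, self.counter + self.window + 1):
            # constant-time comparison avoids leaking matching prefixes
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.counter = c + 1  # a used counter is never accepted again
                return True
        return False


if __name__ == "__main__":
    v = HotpVerifier(RFC4226_SECRET)
    print(hotp(RFC4226_SECRET, 0), v.verify("755224"), v.verify("755224"))
```

Unlike sha1(pass+challenge), the code never depends on the user's password, and the server, not the client, decides which counter values are still acceptable.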
