[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OFF-TOPIC: SSH authn over TLS?
[Thread Prev] | [Thread Next]
- Subject: Re: OFF-TOPIC: SSH authn over TLS?
- From: Alberto Garcia <agarciaillera@xxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Tue, 30 Jun 2020 12:40:30 -0700
- To: libssh@xxxxxxxxxx
Hi, Can you share that code to take a look at it? Thanks On Tue, Jun 30, 2020 at 11:28 AM Felipe Gasper <felipe@xxxxxxxxxxxxxxxx> wrote: > Hi Aris, > > I got a proof-of-concept up of a workflow that uses libssh to do key > exchange and then public key authn on preexisting sockets, then drops the > SSH session entirely, leaving the preexisting sockets up. That may be what > we end up doing. > > It would be much simpler just to do: > > - Server sends a secret. > - Client signs the secret, sends the signature and key. > - Server verifies the signature on the key, and the key’s authz on the > account. > > … which would seem to thwart replay attacks, but I’m not sure what else > we’d be missing, and we’d be “on the hook” for maintaining basically our > own custom “pseudo-SSH”, which doesn’t sound very appetizing. > > TLS client certs would involve setting up a CA or using a commercial one, > both of which sound like workflow problems. > > Anyhow, thank you for your response! > > -FG > > > > On Jun 30, 2020, at 2:04 PM, Aris Adamantiadis <aris@xxxxxxxxxx> wrote: > > > > Hi Felipe, > > > > In SSH, all authentication schemes are signature-based. Specifically > user authentication is based on signing the master hash that's derived from > key exchange (i.e. everything that was shared by peers + shared secret). > SSH ensures that the authentication is safe because it's impossible for > either party to replay or precompute that hash. I don't think TLS would let > you extract or derive secrets based on the session's secret. You could > craft an authentication protocol inspired by SSH on top of TLS but you'd > have to ensure that the challenges are immune to replay, but in that case > it wouldn't be simple anymore. > > > > TLS has built-in support for client certificates. It's not very > straightforward but it might be the way to go if you insist on having > public key authentication. > > > > Regards, > > > > Aris > > > > Le 30/06/20 à 01:50, Felipe Gasper a écrit : > >> Hello, > >> > >> I want to rig up a simple authentication based on SSH keys but > over a preexisting TLS connection. > >> > >> Since TLS already handles the encryption, would the authentication > be as simple as verifying a decode of a string that the public key encodes? > >> > >> Is there any prior art for this? > >> > >> (I realize this isn’t really on-topic for this list, but I’m not > sure where else to ask … ?) > >> > >> Thank you! > >> > >> -Felipe Gasper > >> Ontario, Canada > > > > > -- Alberto García Illera GPG Public Key <https://goo.gl/yshdwh>
| OFF-TOPIC: SSH authn over TLS? | Felipe Gasper <felipe@xxxxxxxxxxxxxxxx> |
| Re: OFF-TOPIC: SSH authn over TLS? | Aris Adamantiadis <aris@xxxxxxxxxx> |
| Re: OFF-TOPIC: SSH authn over TLS? | Felipe Gasper <felipe@xxxxxxxxxxxxxxxx> |