
Unable to start using --unsafe-passphrase #394

Closed
xrat opened this issue May 3, 2021 · 1 comment

Comments

@xrat

xrat commented May 3, 2021

Starting ssh-chat server w/o --unsafe-passphrase works, but as ssh-chat -i ssh-chat.key --unsafe-passphrase=secret it refuses to start w/ error

Passphrase authentication conflicts with existing KeyboardInteractive setup.

Versions

  • Server version: v1.10 (linux_amd64 binary)
  • Latest server version available: v1.10 (linux_amd64 binary)

To Reproduce

wget https://github.com/shazow/ssh-chat/releases/download/v1.10/ssh-chat-linux_amd64.tgz
tar xaf ssh-chat-linux_amd64.tgz
ssh-keygen -t rsa -N '' -f ./ssh-chat.key
ssh-chat/ssh-chat -i ssh-chat.key --unsafe-passphrase=secret

Result:

Passphrase authentication conflicts with existing KeyboardInteractive setup.
@shazow
Owner

shazow commented May 4, 2021

Need to change

config.KeyboardInteractiveCallback = func(conn ssh.ConnMetadata, challenge ssh.KeyboardInteractiveChallenge) (*ssh.Permissions, error) {

to replace https://github.com/shazow/ssh-chat/blob/master/sshd/auth.go#L37 (and ideally include similar logic).

mikitsu added a commit to mikitsu/ssh-chat that referenced this issue May 27, 2021
Password authentication is now completely handled in Auth. The normal
keyboard-interactive handler checks if passwords are supported and asks
for them, removing the need to override the callbacks.

Brute force throttling is removed; I'd like to base it on IP address
banning, which requires changes to the checks.

I'm not sure, but I think timing attacks against the password are fixed:
- The hashing of the real password happens only at startup.
- The hashing of a provided password is something an attacker can do
themselves; it doesn't leak anything about the real password.
- The hash comparison is constant-time.
@shazow shazow closed this as completed in 7413539 May 31, 2021
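The two pieces discussed above (shazow's note that the passphrase check belongs in a `KeyboardInteractiveCallback`, and the commit message's hash-at-startup plus constant-time comparison) fit together as follows. This is an added illustration, not ssh-chat's own code: it defines a local `challengeFunc` type with the same shape as `golang.org/x/crypto/ssh.KeyboardInteractiveChallenge` so it runs without that dependency, and the `PassphraseAuth` type, its method names and the `(user, challenge)` parameter list are assumptions that simplify the real callback signature, which also receives `ssh.ConnMetadata` and returns `*ssh.Permissions`.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// challengeFunc mirrors the shape of golang.org/x/crypto/ssh.KeyboardInteractiveChallenge.
// Assumption: defined locally so this example runs without the x/crypto dependency.
type challengeFunc func(name, instruction string, questions []string, echos []bool) ([]string, error)

// PassphraseAuth (hypothetical name) holds the SHA-256 digest of the server passphrase,
// computed once at startup. The plaintext passphrase is not kept and is never compared
// byte-by-byte at login time.
type PassphraseAuth struct {
	digest []byte
}

// NewPassphraseAuth hashes the passphrase once; an empty passphrase disables the check
// (returns nil), matching a server started without --unsafe-passphrase.
func NewPassphraseAuth(passphrase string) *PassphraseAuth {
	if passphrase == "" {
		return nil
	}
	sum := sha256.Sum256([]byte(passphrase))
	return &PassphraseAuth{digest: sum[:]}
}

// Enabled reports whether passphrase authentication is configured.
func (a *PassphraseAuth) Enabled() bool { return a != nil }

// Check hashes the candidate (anyone can compute that, so it leaks nothing about the
// real passphrase) and compares the two digests in constant time, so the comparison
// does not short-circuit on the first mismatching byte.
func (a *PassphraseAuth) Check(candidate string) bool {
	if a == nil {
		return false
	}
	sum := sha256.Sum256([]byte(candidate))
	return subtle.ConstantTimeCompare(sum[:], a.digest) == 1
}

// KeyboardInteractive is the body of a keyboard-interactive callback: when a passphrase
// is configured it issues one challenge with echo off and verifies the answer; otherwise
// it accepts without challenging, so no separate callback override is needed.
func (a *PassphraseAuth) KeyboardInteractive(user string, challenge challengeFunc) error {
	if !a.Enabled() {
		return nil
	}
	answers, err := challenge(user, "", []string{"Passphrase: "}, []bool{false})
	if err != nil {
		return err
	}
	if len(answers) != 1 || !a.Check(answers[0]) {
		return errors.New("incorrect passphrase")
	}
	return nil
}

func main() {
	auth := NewPassphraseAuth("secret") // constructed sample passphrase

	// Constructed stand-ins for an SSH client answering the prompt.
	good := func(_, _ string, _ []string, _ []bool) ([]string, error) { return []string{"secret"}, nil }
	bad := func(_, _ string, _ []string, _ []bool) ([]string, error) { return []string{"guess"}, nil }

	fmt.Println("correct passphrase:", auth.KeyboardInteractive("alice", good))
	fmt.Println("wrong passphrase:  ", auth.KeyboardInteractive("alice", bad))
	fmt.Println("auth disabled:     ", NewPassphraseAuth("").KeyboardInteractive("bob", bad))
}
```

Note what this does and does not cover: it makes the comparison itself constant-time, but, as the commit message says, brute-force throttling is not part of it; a deployment relying on a shared passphrase still needs a rate limit or ban at the connection level.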