summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2002-07-04 00:19:40 +0000
committerBen Lindstrom <mouring@eviladmin.org>2002-07-04 00:19:40 +0000
commit5d35a2f5828cfb0a8579228d80e8bec60c8f8c64 (patch)
treed166c5fa709b6c87f4d18888cddda02ed95b2f4f
parent43ce2c86a89a512e3c9361b40155db8bbef3f441 (diff)
- markus@cvs.openbsd.org 2002/07/03 14:21:05
[ssh-keysign.8 ssh-keysign.c ssh.c ssh_config] re-enable ssh-keysign's sbit, but make ssh-keysign read /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled globally. based on discussions with deraadt, itojun and sommerfeld; ok itojun@
-rw-r--r--ChangeLog8
-rw-r--r--ssh-keysign.817
-rw-r--r--ssh-keysign.c16
-rw-r--r--ssh.c5
-rw-r--r--ssh_config3
5 files changed, 43 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 03d11bb23..1e5ce7adf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -50,6 +50,12 @@
50 use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld) 50 use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
51 in order to avoid a possible Kocher timing attack pointed out by Charles 51 in order to avoid a possible Kocher timing attack pointed out by Charles
52 Hannum; ok provos@ 52 Hannum; ok provos@
53 - markus@cvs.openbsd.org 2002/07/03 14:21:05
54 [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
55 re-enable ssh-keysign's sbit, but make ssh-keysign read
56 /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
57 globally. based on discussions with deraadt, itojun and sommerfeld;
58 ok itojun@
53 59
5420020702 6020020702
55 - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & 61 - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc &
@@ -1258,4 +1264,4 @@
1258 - (stevesk) entropy.c: typo in debug message 1264 - (stevesk) entropy.c: typo in debug message
1259 - (djm) ssh-keygen -i needs seeded RNG; report from markus@ 1265 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
1260 1266
1261$Id: ChangeLog,v 1.2328 2002/07/04 00:17:33 mouring Exp $ 1267$Id: ChangeLog,v 1.2329 2002/07/04 00:19:40 mouring Exp $
diff --git a/ssh-keysign.8 b/ssh-keysign.8
index ab2cf21ba..cea4a8244 100644
--- a/ssh-keysign.8
+++ b/ssh-keysign.8
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keysign.8,v 1.2 2002/06/10 16:56:30 stevesk Exp $ 1.\" $OpenBSD: ssh-keysign.8,v 1.3 2002/07/03 14:21:05 markus Exp $
2.\" 2.\"
3.\" Copyright (c) 2002 Markus Friedl. All rights reserved. 3.\" Copyright (c) 2002 Markus Friedl. All rights reserved.
4.\" 4.\"
@@ -36,6 +36,16 @@ is used by
36.Xr ssh 1 36.Xr ssh 1
37to access the local host keys and generate the digital signature 37to access the local host keys and generate the digital signature
38required during hostbased authentication with SSH protocol version 2. 38required during hostbased authentication with SSH protocol version 2.
39.Pp
40.Nm
41is disabled by default and can only be enabled in the
42the global client configuration file
43.Pa /etc/ssh/ssh_config
44by setting
45.Cm HostbasedAuthentication
46to
47.Dq yes .
48.Pp
39.Nm 49.Nm
40is not intended to be invoked by the user, but from 50is not intended to be invoked by the user, but from
41.Xr ssh 1 . 51.Xr ssh 1 .
@@ -46,6 +56,10 @@ and
46for more information about hostbased authentication. 56for more information about hostbased authentication.
47.Sh FILES 57.Sh FILES
48.Bl -tag -width Ds 58.Bl -tag -width Ds
59.It Pa /etc/ssh/ssh_config
60Controls whether
61.Nm
62is enabled.
49.It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key 63.It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
50These files contain the private parts of the host keys used to 64These files contain the private parts of the host keys used to
51generate the digital signature. They 65generate the digital signature. They
@@ -58,6 +72,7 @@ must be set-uid root if hostbased authentication is used.
58.Sh SEE ALSO 72.Sh SEE ALSO
59.Xr ssh 1 , 73.Xr ssh 1 ,
60.Xr ssh-keygen 1 , 74.Xr ssh-keygen 1 ,
75.Xr ssh_config 5 ,
61.Xr sshd 8 76.Xr sshd 8
62.Sh AUTHORS 77.Sh AUTHORS
63Markus Friedl <markus@openbsd.org> 78Markus Friedl <markus@openbsd.org>
diff --git a/ssh-keysign.c b/ssh-keysign.c
index bed2b9874..06d28efa8 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -22,7 +22,7 @@
22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 22 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23 */ 23 */
24#include "includes.h" 24#include "includes.h"
25RCSID("$OpenBSD: ssh-keysign.c,v 1.6 2002/07/03 09:55:38 markus Exp $"); 25RCSID("$OpenBSD: ssh-keysign.c,v 1.7 2002/07/03 14:21:05 markus Exp $");
26 26
27#include <openssl/evp.h> 27#include <openssl/evp.h>
28#include <openssl/rand.h> 28#include <openssl/rand.h>
@@ -30,6 +30,7 @@ RCSID("$OpenBSD: ssh-keysign.c,v 1.6 2002/07/03 09:55:38 markus Exp $");
30 30
31#include "log.h" 31#include "log.h"
32#include "key.h" 32#include "key.h"
33#include "ssh.h"
33#include "ssh2.h" 34#include "ssh2.h"
34#include "misc.h" 35#include "misc.h"
35#include "xmalloc.h" 36#include "xmalloc.h"
@@ -39,6 +40,9 @@ RCSID("$OpenBSD: ssh-keysign.c,v 1.6 2002/07/03 09:55:38 markus Exp $");
39#include "msg.h" 40#include "msg.h"
40#include "canohost.h" 41#include "canohost.h"
41#include "pathnames.h" 42#include "pathnames.h"
43#include "readconf.h"
44
45uid_t original_real_uid; /* XXX readconf.c needs this */
42 46
43#ifdef HAVE___PROGNAME 47#ifdef HAVE___PROGNAME
44extern char *__progname; 48extern char *__progname;
@@ -136,6 +140,7 @@ int
136main(int argc, char **argv) 140main(int argc, char **argv)
137{ 141{
138 Buffer b; 142 Buffer b;
143 Options options;
139 Key *keys[2], *key; 144 Key *keys[2], *key;
140 struct passwd *pw; 145 struct passwd *pw;
141 int key_fd[2], i, found, version = 2, fd; 146 int key_fd[2], i, found, version = 2, fd;
@@ -158,6 +163,15 @@ main(int argc, char **argv)
158 log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0); 163 log_init("ssh-keysign", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0);
159#endif 164#endif
160 165
166 /* verify that ssh-keysign is enabled by the admin */
167 original_real_uid = getuid(); /* XXX readconf.c needs this */
168 initialize_options(&options);
169 (void)read_config_file(_PATH_HOST_CONFIG_FILE, "", &options);
170 fill_default_options(&options);
171 if (options.hostbased_authentication != 1)
172 fatal("Hostbased authentication not enabled in %s",
173 _PATH_HOST_CONFIG_FILE);
174
161 if (key_fd[0] == -1 && key_fd[1] == -1) 175 if (key_fd[0] == -1 && key_fd[1] == -1)
162 fatal("could not open any host key"); 176 fatal("could not open any host key");
163 177
diff --git a/ssh.c b/ssh.c
index 67d297c0a..77e709daf 100644
--- a/ssh.c
+++ b/ssh.c
@@ -40,7 +40,7 @@
40 */ 40 */
41 41
42#include "includes.h" 42#include "includes.h"
43RCSID("$OpenBSD: ssh.c,v 1.180 2002/06/30 21:59:45 deraadt Exp $"); 43RCSID("$OpenBSD: ssh.c,v 1.181 2002/07/03 14:21:05 markus Exp $");
44 44
45#include <openssl/evp.h> 45#include <openssl/evp.h>
46#include <openssl/err.h> 46#include <openssl/err.h>
@@ -649,7 +649,8 @@ again:
649 _PATH_HOST_RSA_KEY_FILE, "", NULL); 649 _PATH_HOST_RSA_KEY_FILE, "", NULL);
650 PRIV_END; 650 PRIV_END;
651 651
652 if (sensitive_data.keys[0] == NULL && 652 if (options.hostbased_authentication == 1 &&
653 sensitive_data.keys[0] == NULL &&
653 sensitive_data.keys[1] == NULL && 654 sensitive_data.keys[1] == NULL &&
654 sensitive_data.keys[2] == NULL) { 655 sensitive_data.keys[2] == NULL) {
655 sensitive_data.keys[1] = key_load_public( 656 sensitive_data.keys[1] = key_load_public(
diff --git a/ssh_config b/ssh_config
index ef31d4336..94cffbf39 100644
--- a/ssh_config
+++ b/ssh_config
@@ -1,4 +1,4 @@
1# $OpenBSD: ssh_config,v 1.15 2002/06/20 20:03:34 stevesk Exp $ 1# $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $
2 2
3# This is the ssh client system-wide configuration file. See 3# This is the ssh client system-wide configuration file. See
4# ssh_config(5) for more information. This file provides defaults for 4# ssh_config(5) for more information. This file provides defaults for
@@ -22,6 +22,7 @@
22# RhostsRSAAuthentication no 22# RhostsRSAAuthentication no
23# RSAAuthentication yes 23# RSAAuthentication yes
24# PasswordAuthentication yes 24# PasswordAuthentication yes
25# HostbasedAuthentication no
25# BatchMode no 26# BatchMode no
26# CheckHostIP yes 27# CheckHostIP yes
27# StrictHostKeyChecking ask 28# StrictHostKeyChecking ask