From ffe6549c2f7a999cc5264b873a60322e91862581 Mon Sep 17 00:00:00 2001 From: "naddy@openbsd.org" Date: Mon, 15 Aug 2016 12:32:04 +0000 Subject: upstream commit Catch up with the SSH1 code removal and delete all mention of protocol 1 particularities, key files and formats, command line options, and configuration keywords from the server documentation and examples. ok jmc@ Upstream-ID: 850328854675b4b6a0d4a90f0b4a9dd9ca4e905f --- sshd.8 | 108 ++++++++++++++--------------------------------------------------- 1 file changed, 23 insertions(+), 85 deletions(-) (limited to 'sshd.8') diff --git a/sshd.8 b/sshd.8 index 6c521f23e..148a8b923 100644 --- a/sshd.8 +++ b/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.284 2016/02/17 07:38:19 jmc Exp $ -.Dd $Mdocdate: February 17 2016 $ +.\" $OpenBSD: sshd.8,v 1.285 2016/08/15 12:32:04 naddy Exp $ +.Dd $Mdocdate: August 15 2016 $ .Dt SSHD 8 .Os .Sh NAME @@ -44,14 +44,12 @@ .Nm sshd .Bk -words .Op Fl 46DdeiqTt -.Op Fl b Ar bits .Op Fl C Ar connection_spec .Op Fl c Ar host_certificate_file .Op Fl E Ar log_file .Op Fl f Ar config_file .Op Fl g Ar login_grace_time .Op Fl h Ar host_key_file -.Op Fl k Ar key_gen_time .Op Fl o Ar option .Op Fl p Ar port .Op Fl u Ar len @@ -96,9 +94,6 @@ to use IPv4 addresses only. Forces .Nm to use IPv6 addresses only. -.It Fl b Ar bits -Specifies the number of bits in the ephemeral protocol version 1 -server key (default 1024). .It Fl C Ar connection_spec Specify the connection parameters to use for the .Fl T @@ -169,36 +164,18 @@ This option must be given if is not run as root (as the normal host key files are normally not readable by anyone but root). The default is -.Pa /etc/ssh/ssh_host_key -for protocol version 1, and .Pa /etc/ssh/ssh_host_dsa_key , -.Pa /etc/ssh/ssh_host_ecdsa_key . +.Pa /etc/ssh/ssh_host_ecdsa_key , .Pa /etc/ssh/ssh_host_ed25519_key and -.Pa /etc/ssh/ssh_host_rsa_key -for protocol version 2. +.Pa /etc/ssh/ssh_host_rsa_key . It is possible to have multiple host key files for -the different protocol versions and host key algorithms. +the different host key algorithms. .It Fl i Specifies that .Nm is being run from .Xr inetd 8 . -If SSH protocol 1 is enabled, -.Nm -should not normally be run -from inetd because it needs to generate the server key before it can -respond to the client, and this may take some time. -Clients may have to wait too long if the key was regenerated every time. -.It Fl k Ar key_gen_time -Specifies how often the ephemeral protocol version 1 server key is -regenerated (default 3600 seconds, or one hour). -The motivation for regenerating the key fairly -often is that the key is not stored anywhere, and after about an hour -it becomes impossible to recover the key for decrypting intercepted -communications even if the machine is cracked into or physically -seized. -A value of zero indicates that the key will never be regenerated. .It Fl o Ar option Can be used to give options in the format used in the configuration file. This is useful for specifying options for which there is no separate @@ -257,8 +234,7 @@ may also be used to prevent from making DNS requests unless the authentication mechanism or configuration requires it. Authentication mechanisms that may require DNS include -.Cm RhostsRSAAuthentication , -.Cm HostbasedAuthentication , +.Cm HostbasedAuthentication and using a .Cm from="pattern-list" option in a key file. @@ -269,42 +245,14 @@ or .Cm DenyUsers . .El .Sh AUTHENTICATION -The OpenSSH SSH daemon supports SSH protocols 1 and 2. -The default is to use protocol 2 only, -though this can be changed via the -.Cm Protocol -option in -.Xr sshd_config 5 . -Protocol 1 should not be used -and is only offered to support legacy devices. -.Pp +The OpenSSH SSH daemon supports SSH protocol 2 only. Each host has a host-specific key, used to identify the host. -Partial forward security for protocol 1 is provided through -an additional server key, -normally 1024 bits, -generated when the server starts. -This key is normally regenerated every hour if it has been used, and -is never stored on disk. Whenever a client connects, the daemon responds with its public -host and server keys. +host key. The client compares the -RSA host key against its own database to verify that it has not changed. -The client then generates a 256-bit random number. -It encrypts this -random number using both the host key and the server key, and sends -the encrypted number to the server. -Both sides then use this -random number as a session key which is used to encrypt all further -communications in the session. -The rest of the session is encrypted -using a conventional cipher, currently Blowfish or 3DES, with 3DES -being used by default. -The client selects the encryption algorithm -to use from those offered by the server. -.Pp -For protocol 2, -forward security is provided through a Diffie-Hellman key agreement. +host key against its own database to verify that it has not changed. +Forward security is provided through a Diffie-Hellman key agreement. This key agreement results in a shared session key. The rest of the session is encrypted using a symmetric cipher, currently 128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. @@ -477,32 +425,25 @@ key (empty lines and lines starting with a .Ql # are ignored as comments). -Protocol 1 public keys consist of the following space-separated fields: -options, bits, exponent, modulus, comment. -Protocol 2 public key consist of: +Public keys consist of the following space-separated fields: options, keytype, base64-encoded key, comment. -The options field is optional; -its presence is determined by whether the line starts -with a number or not (the options field never starts with a number). -The bits, exponent, modulus, and comment fields give the RSA key for -protocol version 1; the -comment field is not used for anything (but may be convenient for the -user to identify the key). -For protocol version 2 the keytype is +The options field is optional. +The keytype is .Dq ecdsa-sha2-nistp256 , .Dq ecdsa-sha2-nistp384 , .Dq ecdsa-sha2-nistp521 , .Dq ssh-ed25519 , .Dq ssh-dss or -.Dq ssh-rsa . +.Dq ssh-rsa ; +the comment field is not used for anything (but may be convenient for the +user to identify the key). .Pp -Note that lines in this file are usually several hundred bytes long +Note that lines in this file can be several hundred bytes long (because of the size of the public key encoding) up to a limit of 8 kilobytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 kilobits. You don't want to type them in; instead, copy the -.Pa identity.pub , .Pa id_dsa.pub , .Pa id_ecdsa.pub , .Pa id_ed25519.pub , @@ -511,8 +452,7 @@ or the file and edit it. .Pp .Nm -enforces a minimum RSA key modulus size for protocol 1 -and protocol 2 keys of 768 bits. +enforces a minimum RSA key modulus size of 768 bits. .Pp The options (if present) consist of comma-separated option specifications. @@ -690,7 +630,7 @@ maintained automatically: whenever the user connects from an unknown host, its key is added to the per-user file. .Pp Each line in these files contains the following fields: markers (optional), -hostnames, bits, exponent, modulus, comment. +hostnames, keytype, base64-encoded key, comment. The fields are separated by spaces. .Pp The marker is optional, but if it is present then it must be one of @@ -731,9 +671,9 @@ character. Only one hashed hostname may appear on a single line and none of the above negation or wildcard operators may be applied. .Pp -Bits, exponent, and modulus are taken directly from the RSA host key; they +The keytype and base64-encoded key are taken directly from the host key; they can be obtained, for example, from -.Pa /etc/ssh/ssh_host_key.pub . +.Pa /etc/ssh/ssh_host_rsa_key.pub . The optional comment field continues to the end of the line, and is not used. .Pp Lines starting with @@ -772,8 +712,8 @@ Note that the lines in these files are typically hundreds of characters long, and you definitely don't want to type in the host keys by hand. Rather, generate them by a script, .Xr ssh-keyscan 1 -or by taking -.Pa /etc/ssh/ssh_host_key.pub +or by taking, for example, +.Pa /etc/ssh/ssh_host_rsa_key.pub and adding the host names at the front. .Xr ssh-keygen 1 also offers some basic automated editing for @@ -912,7 +852,6 @@ This file is used in exactly the same way as but allows host-based authentication without permitting login with rlogin/rsh. .Pp -.It Pa /etc/ssh/ssh_host_key .It Pa /etc/ssh/ssh_host_dsa_key .It Pa /etc/ssh/ssh_host_ecdsa_key .It Pa /etc/ssh/ssh_host_ed25519_key @@ -924,7 +863,6 @@ Note that .Nm does not start if these files are group/world-accessible. .Pp -.It Pa /etc/ssh/ssh_host_key.pub .It Pa /etc/ssh/ssh_host_dsa_key.pub .It Pa /etc/ssh/ssh_host_ecdsa_key.pub .It Pa /etc/ssh/ssh_host_ed25519_key.pub -- cgit v1.2.3 From 83b581862a1dbb06fc859959f829dde2654aef3c Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 19 Aug 2016 03:18:06 +0000 Subject: upstream commit remove UseLogin option and support for having /bin/login manage login sessions; ok deraadt markus dtucker Upstream-ID: bea7213fbf158efab7e602d9d844fba4837d2712 --- monitor.c | 5 +- servconf.c | 14 ++--- servconf.h | 3 +- session.c | 171 +++++++++++++++++++++------------------------------------- sshd.8 | 7 +-- sshd.c | 4 +- sshd_config.5 | 26 +-------- 7 files changed, 72 insertions(+), 158 deletions(-) (limited to 'sshd.8') diff --git a/monitor.c b/monitor.c index 59b05a98f..a86b77936 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.162 2016/08/13 17:47:41 markus Exp $ */ +/* $OpenBSD: monitor.c,v 1.163 2016/08/19 03:18:06 djm Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -1395,9 +1395,6 @@ mm_record_login(Session *s, struct passwd *pw) socklen_t fromlen; struct sockaddr_storage from; - if (options.use_login) - return; - /* * Get IP address of client. If the connection is not a socket, let * the address be 0.0.0.0. diff --git a/servconf.c b/servconf.c index 9bd659c41..8a4a7091a 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.293 2016/08/15 12:27:56 naddy Exp $ */ +/* $OpenBSD: servconf.c,v 1.294 2016/08/19 03:18:06 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -120,7 +120,6 @@ initialize_server_options(ServerOptions *options) options->challenge_response_authentication = -1; options->permit_empty_passwd = -1; options->permit_user_env = -1; - options->use_login = -1; options->compression = -1; options->rekey_limit = -1; options->rekey_interval = -1; @@ -281,8 +280,6 @@ fill_default_server_options(ServerOptions *options) options->permit_empty_passwd = 0; if (options->permit_user_env == -1) options->permit_user_env = 0; - if (options->use_login == -1) - options->use_login = 0; if (options->compression == -1) options->compression = COMP_DELAYED; if (options->rekey_limit == -1) @@ -397,7 +394,7 @@ typedef enum { sPrintMotd, sPrintLastLog, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, - sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, + sPermitUserEnvironment, sAllowTcpForwarding, sCompression, sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile, sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes, @@ -508,7 +505,7 @@ static struct { { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, - { "uselogin", sUseLogin, SSHCFG_GLOBAL }, + { "uselogin", sDeprecated, SSHCFG_GLOBAL }, { "compression", sCompression, SSHCFG_GLOBAL }, { "rekeylimit", sRekeyLimit, SSHCFG_ALL }, { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, @@ -1283,10 +1280,6 @@ process_server_config_line(ServerOptions *options, char *line, intptr = &options->permit_user_env; goto parse_flag; - case sUseLogin: - intptr = &options->use_login; - goto parse_flag; - case sCompression: intptr = &options->compression; multistate_ptr = multistate_compression; @@ -2261,7 +2254,6 @@ dump_config(ServerOptions *o) dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env); - dump_cfg_fmtint(sUseLogin, o->use_login); dump_cfg_fmtint(sCompression, o->compression); dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports); dump_cfg_fmtint(sUseDNS, o->use_dns); diff --git a/servconf.h b/servconf.h index 16b1467d2..8af460f5a 100644 --- a/servconf.h +++ b/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.121 2016/08/15 12:27:56 naddy Exp $ */ +/* $OpenBSD: servconf.h,v 1.122 2016/08/19 03:18:06 djm Exp $ */ /* * Author: Tatu Ylonen @@ -121,7 +121,6 @@ typedef struct { int permit_empty_passwd; /* If false, do not permit empty * passwords. */ int permit_user_env; /* If true, read ~/.ssh/environment */ - int use_login; /* If true, login(1) is used */ int compression; /* If true, compression is allowed */ int allow_tcp_forwarding; /* One of FORWARD_* */ int allow_streamlocal_forwarding; /* One of FORWARD_* */ diff --git a/session.c b/session.c index 9bad653fc..fcfa80000 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.283 2016/08/13 17:47:41 markus Exp $ */ +/* $OpenBSD: session.c,v 1.284 2016/08/19 03:18:06 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -544,7 +544,7 @@ do_exec_pty(Session *s, const char *command) /* record login, etc. similar to login(1) */ #ifndef HAVE_OSF_SIA - if (!(options.use_login && command == NULL)) { + if (command != NULL) { #ifdef _UNICOS cray_init_job(s->pw); /* set up cray jid and tmpdir */ #endif /* _UNICOS */ @@ -1019,69 +1019,63 @@ do_setup_env(Session *s, const char *shell) ssh_gssapi_do_child(&env, &envsize); #endif - if (!options.use_login) { - /* Set basic environment. */ - for (i = 0; i < s->num_env; i++) - child_set_env(&env, &envsize, s->env[i].name, - s->env[i].val); + /* Set basic environment. */ + for (i = 0; i < s->num_env; i++) + child_set_env(&env, &envsize, s->env[i].name, s->env[i].val); - child_set_env(&env, &envsize, "USER", pw->pw_name); - child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); + child_set_env(&env, &envsize, "USER", pw->pw_name); + child_set_env(&env, &envsize, "LOGNAME", pw->pw_name); #ifdef _AIX - child_set_env(&env, &envsize, "LOGIN", pw->pw_name); + child_set_env(&env, &envsize, "LOGIN", pw->pw_name); #endif - child_set_env(&env, &envsize, "HOME", pw->pw_dir); + child_set_env(&env, &envsize, "HOME", pw->pw_dir); #ifdef HAVE_LOGIN_CAP - if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0) - child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); - else - child_set_env(&env, &envsize, "PATH", getenv("PATH")); + if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0) + child_set_env(&env, &envsize, "PATH", _PATH_STDPATH); + else + child_set_env(&env, &envsize, "PATH", getenv("PATH")); #else /* HAVE_LOGIN_CAP */ # ifndef HAVE_CYGWIN - /* - * There's no standard path on Windows. The path contains - * important components pointing to the system directories, - * needed for loading shared libraries. So the path better - * remains intact here. - */ + /* + * There's no standard path on Windows. The path contains + * important components pointing to the system directories, + * needed for loading shared libraries. So the path better + * remains intact here. + */ # ifdef HAVE_ETC_DEFAULT_LOGIN - read_etc_default_login(&env, &envsize, pw->pw_uid); - path = child_get_env(env, "PATH"); + read_etc_default_login(&env, &envsize, pw->pw_uid); + path = child_get_env(env, "PATH"); # endif /* HAVE_ETC_DEFAULT_LOGIN */ - if (path == NULL || *path == '\0') { - child_set_env(&env, &envsize, "PATH", - s->pw->pw_uid == 0 ? - SUPERUSER_PATH : _PATH_STDPATH); - } + if (path == NULL || *path == '\0') { + child_set_env(&env, &envsize, "PATH", + s->pw->pw_uid == 0 ? SUPERUSER_PATH : _PATH_STDPATH); + } # endif /* HAVE_CYGWIN */ #endif /* HAVE_LOGIN_CAP */ - snprintf(buf, sizeof buf, "%.200s/%.50s", - _PATH_MAILDIR, pw->pw_name); - child_set_env(&env, &envsize, "MAIL", buf); + snprintf(buf, sizeof buf, "%.200s/%.50s", _PATH_MAILDIR, pw->pw_name); + child_set_env(&env, &envsize, "MAIL", buf); + + /* Normal systems set SHELL by default. */ + child_set_env(&env, &envsize, "SHELL", shell); - /* Normal systems set SHELL by default. */ - child_set_env(&env, &envsize, "SHELL", shell); - } if (getenv("TZ")) child_set_env(&env, &envsize, "TZ", getenv("TZ")); /* Set custom environment options from RSA authentication. */ - if (!options.use_login) { - while (custom_environment) { - struct envstring *ce = custom_environment; - char *str = ce->s; - - for (i = 0; str[i] != '=' && str[i]; i++) - ; - if (str[i] == '=') { - str[i] = 0; - child_set_env(&env, &envsize, str, str + i + 1); - } - custom_environment = ce->next; - free(ce->s); - free(ce); + while (custom_environment) { + struct envstring *ce = custom_environment; + char *str = ce->s; + + for (i = 0; str[i] != '=' && str[i]; i++) + ; + if (str[i] == '=') { + str[i] = 0; + child_set_env(&env, &envsize, str, str + i + 1); } + custom_environment = ce->next; + free(ce->s); + free(ce); } /* SSH_CLIENT deprecated */ @@ -1143,7 +1137,7 @@ do_setup_env(Session *s, const char *shell) * Pull in any environment variables that may have * been set by PAM. */ - if (options.use_pam && !options.use_login) { + if (options.use_pam) { char **p; p = fetch_pam_child_environment(); @@ -1161,7 +1155,7 @@ do_setup_env(Session *s, const char *shell) auth_sock_name); /* read $HOME/.ssh/environment. */ - if (options.permit_user_env && !options.use_login) { + if (options.permit_user_env) { snprintf(buf, sizeof buf, "%.200s/.ssh/environment", strcmp(pw->pw_dir, "/") ? pw->pw_dir : ""); read_environment_file(&env, &envsize, buf); @@ -1442,27 +1436,6 @@ do_pwchange(Session *s) exit(1); } -static void -launch_login(struct passwd *pw, const char *hostname) -{ - /* Launch login(1). */ - - execl(LOGIN_PROGRAM, "login", "-h", hostname, -#ifdef xxxLOGIN_NEEDS_TERM - (s->term ? s->term : "unknown"), -#endif /* LOGIN_NEEDS_TERM */ -#ifdef LOGIN_NO_ENDOPT - "-p", "-f", pw->pw_name, (char *)NULL); -#else - "-p", "-f", "--", pw->pw_name, (char *)NULL); -#endif - - /* Login couldn't be executed, die. */ - - perror("login"); - exit(1); -} - static void child_close_fds(void) { @@ -1510,11 +1483,10 @@ child_close_fds(void) void do_child(Session *s, const char *command) { - struct ssh *ssh = active_state; /* XXX */ extern char **environ; char **env; char *argv[ARGV_MAX]; - const char *shell, *shell0, *hostname = NULL; + const char *shell, *shell0; struct passwd *pw = s->pw; int r = 0; @@ -1529,10 +1501,6 @@ do_child(Session *s, const char *command) exit(1); } - /* login(1) is only called if we execute the login shell */ - if (options.use_login && command != NULL) - options.use_login = 0; - #ifdef _UNICOS cray_setup(pw->pw_uid, pw->pw_name, command); #endif /* _UNICOS */ @@ -1541,28 +1509,26 @@ do_child(Session *s, const char *command) * Login(1) does this as well, and it needs uid 0 for the "-h" * switch, so we let login(1) to this for us. */ - if (!options.use_login) { #ifdef HAVE_OSF_SIA - session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); - if (!check_quietlogin(s, command)) - do_motd(); + session_setup_sia(pw, s->ttyfd == -1 ? NULL : s->tty); + if (!check_quietlogin(s, command)) + do_motd(); #else /* HAVE_OSF_SIA */ - /* When PAM is enabled we rely on it to do the nologin check */ - if (!options.use_pam) - do_nologin(pw); - do_setusercontext(pw); - /* - * PAM session modules in do_setusercontext may have - * generated messages, so if this in an interactive - * login then display them too. - */ - if (!check_quietlogin(s, command)) - display_loginmsg(); + /* When PAM is enabled we rely on it to do the nologin check */ + if (!options.use_pam) + do_nologin(pw); + do_setusercontext(pw); + /* + * PAM session modules in do_setusercontext may have + * generated messages, so if this in an interactive + * login then display them too. + */ + if (!check_quietlogin(s, command)) + display_loginmsg(); #endif /* HAVE_OSF_SIA */ - } #ifdef USE_PAM - if (options.use_pam && !options.use_login && !is_pam_session_open()) { + if (options.use_pam && !is_pam_session_open()) { debug3("PAM session not opened, exiting"); display_loginmsg(); exit(254); @@ -1585,10 +1551,6 @@ do_child(Session *s, const char *command) shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); #endif - /* we have to stash the hostname before we close our socket. */ - if (options.use_login) - hostname = session_get_remote_name_or_ip(ssh, utmp_len, - options.use_dns); /* * Close the connection descriptors; note that this is the child, and * the server will still have the socket open, and it is important @@ -1647,8 +1609,7 @@ do_child(Session *s, const char *command) closefrom(STDERR_FILENO + 1); - if (!options.use_login) - do_rc_files(s, shell); + do_rc_files(s, shell); /* restore SIGPIPE for child */ signal(SIGPIPE, SIG_DFL); @@ -1678,11 +1639,6 @@ do_child(Session *s, const char *command) fflush(NULL); - if (options.use_login) { - launch_login(pw, hostname); - /* NEVERREACHED */ - } - /* Get the last component of the shell name. */ if ((shell0 = strrchr(shell, '/')) != NULL) shell0++; @@ -2502,11 +2458,6 @@ session_setup_x11fwd(Session *s) packet_send_debug("No xauth program; cannot forward with spoofing."); return 0; } - if (options.use_login) { - packet_send_debug("X11 forwarding disabled; " - "not compatible with UseLogin=yes."); - return 0; - } if (s->display != NULL) { debug("X11 display already set."); return 0; diff --git a/sshd.8 b/sshd.8 index 148a8b923..4cf8fee48 100644 --- a/sshd.8 +++ b/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.285 2016/08/15 12:32:04 naddy Exp $ -.Dd $Mdocdate: August 15 2016 $ +.\" $OpenBSD: sshd.8,v 1.286 2016/08/19 03:18:06 djm Exp $ +.Dd $Mdocdate: August 19 2016 $ .Dt SSHD 8 .Os .Sh NAME @@ -504,9 +504,6 @@ Environment processing is disabled by default and is controlled via the .Cm PermitUserEnvironment option. -This option is automatically disabled if -.Cm UseLogin -is enabled. .It Cm from="pattern-list" Specifies that in addition to public key authentication, either the canonical name of the remote host or its IP address must be present in the diff --git a/sshd.c b/sshd.c index fd89acbb9..a561c7b3e 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.473 2016/08/15 12:27:56 naddy Exp $ */ +/* $OpenBSD: sshd.c,v 1.474 2016/08/19 03:18:07 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -629,7 +629,7 @@ privsep_postauth(Authctxt *authctxt) #ifdef DISABLE_FD_PASSING if (1) { #else - if (authctxt->pw->pw_uid == 0 || options.use_login) { + if (authctxt->pw->pw_uid == 0) { #endif /* File descriptor passing is broken or root login */ use_privsep = 0; diff --git a/sshd_config.5 b/sshd_config.5 index d1a5d1d33..fe3b23d6e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.229 2016/08/15 12:32:04 naddy Exp $ -.Dd $Mdocdate: August 15 2016 $ +.\" $OpenBSD: sshd_config.5,v 1.230 2016/08/19 03:18:07 djm Exp $ +.Dd $Mdocdate: August 19 2016 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1489,25 +1489,6 @@ and .Cm Match .Cm Host directives. -.It Cm UseLogin -Specifies whether -.Xr login 1 -is used for interactive login sessions. -The default is -.Dq no . -Note that -.Xr login 1 -is never used for remote command execution. -Note also, that if this is enabled, -.Cm X11Forwarding -will be disabled because -.Xr login 1 -does not know how to handle -.Xr xauth 1 -cookies. -If -.Cm UsePrivilegeSeparation -is specified, it will be disabled after authentication. .It Cm UsePAM Enables the Pluggable Authentication Module interface. If set to @@ -1596,9 +1577,6 @@ setting. .Pp Note that disabling X11 forwarding does not prevent users from forwarding X11 traffic, as users can always install their own forwarders. -X11 forwarding is automatically disabled if -.Cm UseLogin -is enabled. .It Cm X11UseLocalhost Specifies whether .Xr sshd 8 -- cgit v1.2.3 From fd6dcef2030d23c43f986d26979f84619c10589d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 30 Nov 2016 02:57:40 +0000 Subject: upstream commit When a forced-command appears in both a certificate and an authorized keys/principals command= restriction, refuse to accept the certificate unless they are identical. The previous (documented) behaviour of having the certificate forced- command override the other could be a bit confused and more error-prone. Pointed out by Jann Horn of Project Zero; ok dtucker@ Upstream-ID: 79d811b6eb6bbe1221bf146dde6928f92d2cd05f --- auth-options.c | 27 +++++++++++++++++++++------ auth-options.h | 4 ++-- auth2-pubkey.c | 18 ++++++++---------- sshd.8 | 18 +++++++++++++----- 4 files changed, 44 insertions(+), 23 deletions(-) (limited to 'sshd.8') diff --git a/auth-options.c b/auth-options.c index b399b91e3..57b49f7fd 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.71 2016/03/07 19:02:43 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.72 2016/11/30 02:57:40 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -601,7 +601,7 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw, * options so this must be called after auth_parse_options(). */ int -auth_cert_options(struct sshkey *k, struct passwd *pw) +auth_cert_options(struct sshkey *k, struct passwd *pw, const char **reason) { int cert_no_port_forwarding_flag = 1; int cert_no_agent_forwarding_flag = 1; @@ -611,6 +611,8 @@ auth_cert_options(struct sshkey *k, struct passwd *pw) char *cert_forced_command = NULL; int cert_source_address_done = 0; + *reason = "invalid certificate options"; + /* Separate options and extensions for v01 certs */ if (parse_option_list(k->cert->critical, pw, OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL, @@ -632,11 +634,24 @@ auth_cert_options(struct sshkey *k, struct passwd *pw) no_x11_forwarding_flag |= cert_no_x11_forwarding_flag; no_pty_flag |= cert_no_pty_flag; no_user_rc |= cert_no_user_rc; - /* CA-specified forced command supersedes key option */ - if (cert_forced_command != NULL) { - free(forced_command); + /* + * Only permit both CA and key option forced-command if they match. + * Otherwise refuse the certificate. + */ + if (cert_forced_command != NULL && forced_command != NULL) { + if (strcmp(forced_command, cert_forced_command) == 0) { + free(forced_command); + forced_command = cert_forced_command; + } else { + *reason = "certificate and key options forced command " + "do not match"; + free(cert_forced_command); + return -1; + } + } else if (cert_forced_command != NULL) forced_command = cert_forced_command; - } + /* success */ + *reason = NULL; return 0; } diff --git a/auth-options.h b/auth-options.h index 34852e5c0..52cbb42aa 100644 --- a/auth-options.h +++ b/auth-options.h @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.h,v 1.21 2015/01/14 10:30:34 markus Exp $ */ +/* $OpenBSD: auth-options.h,v 1.22 2016/11/30 02:57:40 djm Exp $ */ /* * Author: Tatu Ylonen @@ -35,6 +35,6 @@ extern char *authorized_principals; int auth_parse_options(struct passwd *, char *, char *, u_long); void auth_clear_options(void); -int auth_cert_options(struct sshkey *, struct passwd *); +int auth_cert_options(struct sshkey *, struct passwd *, const char **); #endif diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 375d91cbd..20f3309e1 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.59 2016/09/21 17:44:20 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.60 2016/11/30 02:57:40 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -757,17 +757,17 @@ static int check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) { char line[SSH_MAX_PUBKEY_BYTES]; - const char *reason; int found_key = 0; u_long linenum = 0; Key *found; - char *fp; found_key = 0; found = NULL; while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { - char *cp, *key_options = NULL; + char *cp, *key_options = NULL, *fp = NULL; + const char *reason = NULL; + if (found != NULL) key_free(found); found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type); @@ -832,10 +832,8 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) authorized_principals == NULL ? pw->pw_name : NULL, &reason) != 0) goto fail_reason; - if (auth_cert_options(key, pw) != 0) { - free(fp); - continue; - } + if (auth_cert_options(key, pw, &reason) != 0) + goto fail_reason; verbose("Accepted certificate ID \"%s\" (serial %llu) " "signed by %s CA %s via %s", key->cert->key_id, (unsigned long long)key->cert->serial, @@ -913,8 +911,8 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) if (key_cert_check_authority(key, 0, 1, use_authorized_principals ? NULL : pw->pw_name, &reason) != 0) goto fail_reason; - if (auth_cert_options(key, pw) != 0) - goto out; + if (auth_cert_options(key, pw, &reason) != 0) + goto fail_reason; verbose("Accepted certificate ID \"%s\" (serial %llu) signed by " "%s CA %s via %s", key->cert->key_id, diff --git a/sshd.8 b/sshd.8 index 4cf8fee48..41fc5051a 100644 --- a/sshd.8 +++ b/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.286 2016/08/19 03:18:06 djm Exp $ -.Dd $Mdocdate: August 19 2016 $ +.\" $OpenBSD: sshd.8,v 1.287 2016/11/30 02:57:40 djm Exp $ +.Dd $Mdocdate: November 30 2016 $ .Dt SSHD 8 .Os .Sh NAME @@ -481,19 +481,27 @@ If an 8-bit clean channel is required, one must not request a pty or should specify .Cm no-pty . A quote may be included in the command by quoting it with a backslash. +.Pp This option might be useful to restrict certain public keys to perform just a specific operation. An example might be a key that permits remote backups but nothing else. Note that the client may specify TCP and/or X11 -forwarding unless they are explicitly prohibited. +forwarding unless they are explicitly prohibited, e.g. using the +.Cm restrict +key option. +.Pp The command originally supplied by the client is available in the .Ev SSH_ORIGINAL_COMMAND environment variable. Note that this option applies to shell, command or subsystem execution. -Also note that this command may be superseded by either a +Also note that this command may be superseded by a .Xr sshd_config 5 .Cm ForceCommand -directive or a command embedded in a certificate. +directive. +.Pp +If a command is specified and a forced-command is embedded in a certificate +used for authentication, then the certificate will be accepted only if the +two commands are identical. .It Cm environment="NAME=value" Specifies that the string is to be added to the environment when logging in using this key. -- cgit v1.2.3