This is a discussion on [Fwd: Re: OpenSSH and X.509 Certificate Support] within the OpenSSH Development forums, part of the Networking and Network Related category.
Hi Roumen,
I discovered that the need of appending the .pub part of id_rsa (client key+cert) on the server can be eliminated by adding the Certificate Blob to authorized_keys, which could look something like this:

x509v3-sign-rsa subject= /C=FR/ST=PARIS/L=DESEl/O=SSL/OU=VLSI/CN=10.244.82.83/emailAddress=client@company.com

This is extracted from the client certificate using openssl as described in the README file provided by you at http://roumenpetrov.info/openssh/x509h/README.x509v3

This system works fine; however, my only concern is that I would like all Clients (possessing valid Client Certificates signed by the CA) to be authenticated without having to place anything in the ~/.ssh/authorized_keys file on the server (i.e. authenticate all users if they have a valid certificate, without any subject line checking). In Apache this is very much possible via mod_ssl as described in http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6 . Can a similar behavior be emulated in OpenSSH using the X.509 patch?

Please let me know your comments.

Thanks and Best Regards,
Sankalp

-------- Original Message --------
Subject: Re: OpenSSH and X.509 Certificate Support
Date: Wed, 12 Mar 2008 17:21:26 +0530
From: sankalp_karpe <sankalp_karpe@persistent.co.in>
To: Roumen Petrov <openssh@roumenpetrov.info>
CC: OpenSSH Devel List <openssh-unix-dev@mindrot.org>, sankalp_karpe <sankalp_karpe@persistent.co.in>
References: <47BC01CC.60409@persistent.co.in> <47BC83CB.3080007@roumenpetrov.info> <47BD71DE.3050002@persistent.co.in> <47BDDAA4.3010405@roumenpetrov.info> <47C6AA07.2050003@persistent.co.in> <47C70A45.7090903@roumenpetrov.info>

Hi Roumen,

I tried your suggestions and could successfully connect to the OpenSSH Server with X.509 patch from a non-patched SSH Client using username/password.

The main requirement that I have is for the Client to be authenticated via a Client certificate using SSH and Apache. I have been able to successfully achieve the same using Apache + mod_ssl for web server access to my system. In order to enable the same authentication mechanism for command-line access to my system that uses OpenSSH, I patched OpenSSH with the X.509 patch you developed between two Linux FC6 machines.

Ideally I would like it to be something like:

1. The client sends the user certificate (which includes the user's public key) to the server. The packet also contains data unique to the session and it is signed by the user's private key.
2. The server uses the CA certificate to check that the user's certificate is valid.
3. The server verifies that the user has a valid private key by checking the signature in the initial packet.
4. The server matches the user certificate against the rules in the server configuration file to decide whether login is allowed or not.

When looking for information on X.509 Certificate support for SSH, I had come across a commercial version of SSH (SSH Tectia Client/Server) which claims to support the above authentication sequence. Also, it supports selective field-based authentication of the Client Certificates, for example:

<authentication-methods>
  <authentication action="allow" repeat-block="yes">
    <auth-publickey />
    <authentication action="allow">
      <selector>
        <certificate field="ca-list" pattern="exa-ca1,exa-ca2" />
        <certificate field="issuer-name" pattern="C=FI, O=SSH, CN=*" />
        <certificate field="subject-name" pattern="C=FI, O=SSH, CN=%username%" />
        <certificate field="serial-number" pattern="123456" />
        <certificate field="altname-email" pattern="%username%@ssh.com" />
        <certificate field="altname-upn" pattern="%username-without-domain%@ssh" />
      </selector>
    </authentication>
    <authentication action="deny" />
  </authentication>
</authentication-methods>

However, I need to see how I can extend the OpenSSH of my system to support X.509 Certificates and cannot use any commercial version of SSH.

Implementing X.509 Certificate support for OpenSSH (using the X.509 patch you developed) requires that the client certificate be appended to the Client key in id_rsa and the public part of the client key+certificate (i.e. id_rsa.pub) be appended to the authorized_keys file on the server, and each time a new client (OpenSSH patched with X.509) is added to the network, its corresponding id_rsa.pub has to be appended to the server's authorized_keys.

So, I have the following concerns and would request your comments on the same:

(1) Isn't this an overhead as compared to what we would do in Web Server Authentication (Apache), wherein we provide the client with just a certificate, and not having to create a custom file containing the Client key+certificate (id_rsa) like we do for OpenSSH patched with X.509?
(2) If we need to have the "client key + client certificate" in id_rsa, then, is there any workaround to eliminate the need to append the ".pub" part of it to the "authorized_keys" file on the Server?
(3) Also, how can we authenticate clients selectively using the fields of the client certificate in the case of OpenSSH (with X.509 support)?

Your help would be highly appreciated.
Thanking you in anticipation.

Thanks and Best Regards,
Sankalp

Roumen Petrov wrote:
> sankalp_karpe wrote:
>
>> Hi Roumen,
>>
>> Thanks for your comments.
>> The issues reported by me were not X.509 specific. Sorry about that.
>>
>> So now I have SSH Server & Client, both patched with X.509 and I can
>> successfully connect to the Server using X.509 Certificates.
>>
>> I have several Linux clients some of which are patched with x.509 patch.
>>
>> Is it possible for those linux machines (not patched with x.509) to
>> log-in to the server with username/password since they do not support
>> x.509 certificates (by doing some configuration changes on the Server)?
>> I have tried to log-in from a ssh client (without X.509 patch) to a
>> ssh server (with X.509 patch), but the server refuses connection with
>> the following error on the console:
>>
>> "no hostkey alg"
>>
>> My goal is to make the OpenSSH Server (with X.509 patch) compatible
>> with all SSH Clients irrespective of whether the client is patched
>> with X.509 or not.
>> Would there be any workaround?
>>
>> Your help would be highly appreciated.
>> Thanking you in anticipation.
>>
>> Thanks and Best Regards,
>> Sankalp
>>
>> Roumen Petrov wrote:
>>
>>> sankalp_karpe wrote:
>>> [SNIP]
>>>
>
> You could list in sshd_config all supported key types:
> $ grep ^HostKey /etc/ssh/sshd_config
> HostKey /etc/ssh/ssh_host_rsa_key
> HostKey /etc/ssh/SAVE/ssh_host_rsa_key
> HostKey /etc/ssh/ssh_host_dsa_key
>
> Also you could check key-types supported by server:
> $ ssh-keyscan localhost
> # localhost SSH-2.0-OpenSSH_4.7
> localhost x509v3-sign-rsa Subject:C=XX,...
> # localhost SSH-2.0-OpenSSH_4.7
> localhost x509v3-sign-dss Subject:C=XX,...
> # localhost SSH-2.0-OpenSSH_4.7
> localhost ssh-rsa AAAAB3Nza....
> # localhost SSH-2.0-OpenSSH_4.7
> no hostkey alg
>
> Command ssh-keyscan (see man page) scans for protocol version 2 keys by
> default.
>
> Roumen
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@mindrot.org
> https://lists.mindrot.org/mailman/li...enssh-unix-dev
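The selective, field-based matching that the Tectia selector block above expresses, and that question (3) asks about for OpenSSH, written out as a standalone policy check over certificate fields. This is an added example, not code from the X.509 patch or from Tectia; the subject DN is the one quoted in the thread, while the issuer DN, the altname value and the rule set are constructed assumptions.

```python
import fnmatch

def parse_dn(dn):
    """Split an OpenSSL-style DN ("/C=FR/ST=PARIS/CN=x") or a comma-separated one
    ("C=FI, O=SSH, CN=*") into (attribute, value) pairs; assumes no escaped separators."""
    sep = "/" if dn.startswith("/") else ","
    pairs = []
    for part in dn.strip("/").split(sep):
        attr, _, value = part.strip().partition("=")
        if attr:
            pairs.append((attr, value.strip()))
    return pairs

def expand(pattern, username):  # the %username% placeholders used in the selector patterns
    return pattern.replace("%username-without-domain%", username.split("@")[0]).replace("%username%", username)

def dn_matches(pattern, dn, username):
    """Every attribute named in the pattern must exist in the DN and match ('*' wildcards allowed)."""
    have = dict(parse_dn(dn))
    return all(attr in have and fnmatch.fnmatchcase(have[attr], expand(want, username))
               for attr, want in parse_dn(pattern))

def field_matches(field, pattern, cert, username):
    value = cert.get(field)
    if value is None:
        return False                      # a field the certificate lacks never satisfies a rule
    if field in ("subject-name", "issuer-name"):
        return dn_matches(pattern, value, username)
    if field == "ca-list":                # certificate must come from one of the listed CAs
        return value in [ca.strip() for ca in pattern.split(",")]
    return fnmatch.fnmatchcase(value, expand(pattern, username))

def evaluate(rules, cert, username):
    """First rule whose whole selector matches decides; an empty selector matches everything."""
    for action, selector in rules:
        if all(field_matches(f, p, cert, username) for f, p in selector.items()):
            return action
    return "deny"                         # no rule matched: fail closed

# Constructed sample: the subject DN quoted in the thread plus an assumed issuer and altname.
CLIENT_CERT = {
    "subject-name": "/C=FR/ST=PARIS/L=DESEl/O=SSL/OU=VLSI/CN=10.244.82.83/emailAddress=client@company.com",
    "issuer-name": "/C=FR/O=SSL/CN=Example Client CA",
    "altname-email": "client@company.com",
}
# Ordered rules in the shape of the Tectia selector block: allow on issuer + altname, then deny all.
RULES = [
    ("allow", {"issuer-name": "C=FR, O=SSL, CN=*", "altname-email": "%username%@company.com"}),
    ("deny", {}),
]
```

Calling `evaluate(RULES, CLIENT_CERT, "client")` returns "allow" and the same certificate presented for the login name "mallory" returns "deny"; a certificate from another issuer is refused before any subject or altname field is consulted.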