Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

proposal: x/crypto/ssh: dynamic auth method selection in ServerConfig #64974

Closed
awly opened this issue Jan 5, 2024 · 9 comments
Closed

proposal: x/crypto/ssh: dynamic auth method selection in ServerConfig #64974

awly opened this issue Jan 5, 2024 · 9 comments
Labels
Proposal Proposal-Crypto Proposal related to crypto packages or other security issues
Milestone

Comments

@awly
Copy link
Contributor

awly commented Jan 5, 2024

Proposal Details

Today, when an auth method fails, server returns a SSH_MSG_USERAUTH_FAILURE with a set of possible methods that the client can attempt next. This set of methods is based on what auth callbacks are set in the ServerConfig.

The proposal is to add a new callback that allows for customizing this set of auth methods per connection, based on previous errors:

type ServerConfig struct
	...

	// NextAuthMethodCallback, if non-nil, is called whenever an authentication
	// method fails. It's called after AuthLogCallback, if set. The return
	// values are the SSH auth types (from
	// https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-10
	// such as "password", "publickey", "keyboard-interactive", etc)
	// to suggest for the client to try next. If empty, authentication fails.
	NextAuthMethodCallback func(conn ConnMetadata, prevErrors []error) []string
}

An example use case: using NoClientAuthCallback to learn some information about the client and then selectively enable a subset of auth methods that could succeed for them.
Another use case: when using an out-of-band authentication mechanism (such as an authenticated tunnel that carries the SSH connection), NextAuthMethodCallback can return a custom auth method name to the client, as an indication of where authentication failed.

cc @bradfitz @maisem

@awly awly added the Proposal label Jan 5, 2024
@gopherbot gopherbot added this to the Proposal milestone Jan 5, 2024
@bradfitz
Copy link
Contributor

bradfitz commented Jan 5, 2024

As background for @rolandshoemaker @FiloSottile et al, this is one of the patches we're carrying in our x/crypto/ssh fork and we're trying to unfork. We're flexible on the API naming/docs/promises but we'd need something dynamic here.

@seankhliao seankhliao added the Proposal-Crypto Proposal related to crypto packages or other security issues label Jan 5, 2024
@seankhliao
Copy link
Member

cc @drakkan @golang/security

@drakkan
Copy link
Member

drakkan commented Jan 5, 2024

@awly @bradfitz can you please take a look at this CL? Could this be useful for your use case too?

I think the API you suggest should also allow multi-step authentication, so we should converge on a proposal and implement it. Thank you

@awly
Copy link
Contributor Author

awly commented Jan 5, 2024

@drakkan thanks for the CL link!
It handles one half of our use-case.

The other half, which is a little unconventional, is to return a custom auth method name (one that doesn't map to existing callbacks) as a hint to the client.
One option would be to add AdditonalMethods []string to PartialSuccessError in your PR.
Another option would be #64962, so we could send a helpful error message via a banner from one of the auth callbacks.

Ideally, I'd like the latter. It handles the "please authenticate using this URL in your browser" flow in our setup.

@drakkan
Copy link
Member

drakkan commented Jan 5, 2024

It handles one half of our use-case.

It would be helpful if you could share your thoughts on linked CL, does it simplify or complicate your application code compared to the NextAuthMethodCallback method? Thank you.

Another option would be #64962, so we could send a helpful error message via a banner from one of the auth callbacks.

This weekend I'll take a more in-depth look at this proposal. It seems very useful!

Ideally, I'd like the latter. It handles the "please authenticate using this URL in your browser" flow in our setup.

At first glance I also prefer a separate proposal for sending dynamic banner messages to clients from authentication callbacks.

@awly
Copy link
Contributor Author

awly commented Jan 5, 2024

Left some comments on the CL, but yes: PartialSuccessError simplifies what we're trying to do here 👍

@gopherbot
Copy link
Contributor

Change https://go.dev/cl/516355 mentions this issue: ssh: add server side multi-step authentication

@FiloSottile
Copy link
Contributor

To confirm, a combination of (the latest iteration of) #61447 and #64962 would address this, correct?

@awly
Copy link
Contributor Author

awly commented Jan 9, 2024

Correct, I'll close this proposal in favor of the other two.

@awly awly closed this as completed Jan 9, 2024
drakkan added a commit to drakkan/crypto that referenced this issue Feb 24, 2024
Add support for sending back partial success to the client while
handling authentication in the server. This is implemented by a special
error that can be returned by any of the authentication methods, which
contains the authentication methods to offer next.

This patch is based on CL 399075 with some minor changes and the
addition of test cases.

Fixes golang/go#17889
Fixes golang/go#61447
Fixes golang/go#64974

Change-Id: I05c8f913bb407d22c2e41c4cbe965e36ab4739b0
drakkan added a commit to drakkan/crypto that referenced this issue Mar 7, 2024
Add support for sending back partial success to the client while
handling authentication in the server. This is implemented by a special
error that can be returned by any of the authentication methods, which
contains the authentication methods to offer next.

This patch is based on CL 399075 with some minor changes and the
addition of test cases.

Fixes golang/go#17889
Fixes golang/go#61447
Fixes golang/go#64974

Change-Id: I05c8f913bb407d22c2e41c4cbe965e36ab4739b0
gopherbot pushed a commit to golang/crypto that referenced this issue Apr 3, 2024
Add support for sending back partial success to the client while
handling authentication in the server. This is implemented by a special
error that can be returned by any of the authentication methods, which
contains the authentication methods to offer next.

This patch is based on CL 399075 with some minor changes and the
addition of test cases.

Fixes golang/go#17889
Fixes golang/go#61447
Fixes golang/go#64974

Co-authored-by: Peter Verraedt <[email protected]>
Change-Id: I05c8f913bb407d22c2e41c4cbe965e36ab4739b0
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/516355
Reviewed-by: Andrew Lytvynov <[email protected]>
Reviewed-by: Than McIntosh <[email protected]>
Reviewed-by: Dmitri Shuralyov <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Filippo Valsorda <[email protected]>
Auto-Submit: Filippo Valsorda <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Proposal Proposal-Crypto Proposal related to crypto packages or other security issues
Projects
None yet
Development

No branches or pull requests

6 participants