[ssh_x509] Clarification on pkixssh-10.2

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Wed Mar 21 08:09:19 EET 2018


Hi Roumen,

Thanks for the quick response. I have following questions. Hope you can
help on these as well.

1. Identity or hostkey file for protocol version 2 can contain a private
key plus X.509 certificate in PEM format. To use X.509 certificate as
identity or hostkey user
should convert certificate in PEM format and append to file. This
hostkey will be shared with the client for server authentication? We just
want to use x509v3-ssh-rsa algorithm.
So certificate in PEM format should be appended to ssh_host_rsa_key?

2. sshd_config/ssh_config

2.1 Most of your changes are commented out in sshd_config. I have attached
sshd_config and ssh_config file (please see). Can you please
share the sshd_config and ssh_config file which is configured to handle
x509v3 certificates?

2.2 We just want to use x509v3-ssh-rsa algorithm. What will be the value of
X509KeyAlgorithm attribute in sshd_config and ssh_config?

 X509KeyAlgorithm x509v3-sign-rsa-sha1,rsa-sha1,ssh-rsa ?


2.3 What is the purpose of "X509 store" in sshd_config and ssh_config?

3. User files on the server

  Append in USER_HOME/.ssh/authorized_keys a record with following
format:
<KEY_TYPE><SPACE><WORDDN><SPACE>{<Distinguished_Name>|CertBlob}

What is the purpose of adding this detail in authorized_keys file ?


4. How to test this feature if my make check-certs is not working?  I read
about Pragma fortress software and SecureCRT support ssh client capable of
handling x509v3 certificates. Any suggestions?


Thanks in advance.
Regards
Mohit Gupta

On Tue, Mar 20, 2018 at 12:43 AM, <ssh_x509 at roumenpetrov.info> wrote:

> ssh_x509 at roumenpetrov.info wrote:
>
>>   Hi Roumen,
>>
>> I have few questions related to your OpenSSH RFC 6187 changes. I am using
>> pkixssh-10.2 build for my purpose.
>> 1. Is the pkixssh-10.2 build complete to handle x509v3 certificate-based
>> user authentication or do we need more changes? If yes, in which files?
>>
>
> Even  v10.0 is ready for x509v3 certificate in RFC6187 format.
> Remark: 11.2 has two security patches - see announce
> http://roumenpetrov.info/pipermail/ssh_x509_roumenpetrov.
> info/2018q1/000444.html
>
> Note pre-RFC6187 document - draft-ietf-secsh-transport-12.txt . Let call
> "legacy" format.
> Versions after 10.0 improve algorithm selection between legacy and rfc
> format.
>
>
> 2. For our requirement, we would want to configure SSH so that it can
>> handle x509v3 certificate-based user authentication.
>>
>
> This is default.
>
> In the default case,
>> we would like SSH to handle public key based user authentication.
>>
>
> It is supported by default.
>
>
> So what
>> exact changes required to configure RFC6187 enabled OpenSSH? Can you share
>> sshd_config and ssh_config file where it can handle x509v3
>> certificate-based user authentication? And also what other changes are
>> required? I couldn't understand much from the README.x509v3 document.
>>
> The default configuration is enough.
> You could change defaults only if you would like to add some restrictions.
> It is required client X.509 certificate to have sslclient purpose but you
> could use options *AllowedCertPurpose to bay-pass default.*
>
>
> 3. In README.x509v3 document, you have mentioned about make test/ make
>> check-certs. I am not able to successfully run this test. I am getting
>> following error "/openssh-7.5p1/regress/unittests/sshbuf/test_sshbuf:
>> cannot execute binary file" and
>> generating RSA 'hostkey'
>> /bin/sh ./2-cre_key.sh -t rsa -b 2048 -N "" -f testhostkey_rsa
>> ./2-cre_key.sh: line 24: /openssh-7.5p1/ssh-keygen: cannot execute binary
>>
>
> I'm not sure what could be reason. First (test_sshbuf) is part from
> OpenSSH unitest , second is PKIX_SSH test.
> Messages show "build-dir" under root! Location is reason for failure.
> May be build is for platform not supported by loader. Cross-compilation?
>
>
> file
>> OpenSSL command: /usr/bin/openssl
>>          version: OpenSSL 1.0.1e-fips 11 Feb 2013
>> RSA digest list: sha1
>> ./2-cre_key.sh: line 33: /openssh-7.5p1/ssh-keygen: cannot execute binary
>> file
>> make[1]: *** [testhostkey_rsa] Error 126
>>
>> Thanks in advance.
>> Regards
>> Mohit Gupta
>>
>
> Regards,
> Roumen Petrov
>
>
> --
> Secure shell with X.509 certificate support
> http://roumenpetrov.info/secsh/
>
>
> _______________________________________________
> ssh_x509 mailing list
> ssh_x509 at roumenpetrov.info
> http://roumenpetrov.info/mailman/listinfo/ssh_x509_roumenpetrov.info
>
-------------- next part --------------
sw0:FID128:root> cat /etc/sshd_config
#       $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

Port 830
Port 22
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# The default requires explicit activation of protocol 1
#Protocol 2

# HostKey for protocol version 1
#HostKey /vobs/projects/springboard/build/swbd1000/target/etc/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh_host_dsa_key
HostKey /etc/ssh_host_rsa_key
HostKey /etc/ssh_host_ecdsa_key

#ServerKeyBits 768

#RekeyInterval 3600

# "key type names" for X.509 certificates with EC key
#X509KeyAlgorithm x509v3-ecdsa-sha2-nistp256,sha256,ecdsa-sha2-nistp256
#X509KeyAlgorithm x509v3-ecdsa-sha2-nistp384,sha384,ecdsa-sha2-nistp384
#X509KeyAlgorithm x509v3-ecdsa-sha2-nistp521,sha512,ecdsa-sha2-nistp521

# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1
#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5

# "key type names" for X.509 certificates with DSA key
# Note first defined is used in signature operations!
#X509KeyAlgorithm x509v3-sign-dss,dss-asn1
#X509KeyAlgorithm x509v3-sign-dss,dss-raw

# The intended use for the X509 client certificate. Without this option
# no chain verification will be done. Currently accepted uses are case
# insensitive:
#  - "sslclient", "SSL client", "SSL_client" or "client"
#  - "any", "Any Purpose", "Any_Purpose" or "AnyPurpose"
#  - "skip" or ""(empty): don`t check purpose.
#AllowedCertPurpose sslclient

# Specifies whether self-issued(self-signed) X.509 certificate can be
# allowed only by entry in AutorizedKeysFile that contain matching
# public key or certificate blob.
#KeyAllowSelfIssued no

# Specifies whether CRL must present in store for all certificates in
# certificate chain with atribute "cRLDistributionPoints"
#MandatoryCRL no

# A file with multiple certificates of certificate signers
# in PEM format concatenated together.
#CACertificateFile /vobs/projects/springboard/build/swbd1000/target/etc/ca/ca-bundle.crt

# A directory with certificates of certificate signers.
# The certificates should have name of the form: [HASH].[NUMBER]
# or have symbolic links to them of this form.
#CACertificatePath /vobs/projects/springboard/build/swbd1000/target/etc/ca/crt

# A file with multiple CRL of certificate signers
# in PEM format concatenated together.
#CARevocationFile /vobs/projects/springboard/build/swbd1000/target/etc/ca/ca-bundle.crl

# A directory with CRL of certificate signers.
# The CRL should have name of the form: [HASH].r[NUMBER]
# or have symbolic links to them of this form.
#CARevocationPath /vobs/projects/springboard/build/swbd1000/target/etc/ca/crl

# LDAP protocol version.
# Example:
# CAldapVersion 2

# Note because of OpenSSH options parser limitation
# use %3D instead of = !
# LDAP initialization may require URL to be escaped, i.e.
# use %2C instead of ,(comma). Escaped URL don't depend from
# LDAP initialization method.
# Example:
# CAldapURL ldap://localhost:389/dc%3Dexample%2Cdc%3Dcom

# SSH can use "Online Certificate Status Protocol"(OCSP)
# to validate certificate. Set VAType to
#  - none    : do not use OCSP to validate certificates;
#  - ocspcert: validate only certificates that specify `OCSP
#      Service Locator' URL;
#  - ocspspec: use specified in the configuration 'OCSP Responder'
#      to validate all certificates.
#VAType none

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

LoginGraceTime 120
PermitRootLogin yes
#StrictModes yes
MaxAuthTries 6
MaxSessions 1

#RSAAuthentication yes
#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
#AuthorizedKeysFile     .ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /vobs/projects/springboard/build/swbd1000/target/etc/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

#AllowAgentForwarding yes
AllowTcpForwarding no
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
PrintLastLog no
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
ClientAliveInterval 0
ClientAliveCountMax 4
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
AllowedLogin admin
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem       sftp    /usr/libexec/sftp-server
Subsystem   netconf /usr/confd/bin/confd_netconf_subsys

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       PermitTTY no
#       ForceCommand cvs server

KexAlgorithms diffie-hellman-group14-sha1
-------------- next part --------------
sw0:FID128:root> cat ssh_config
# This is ssh client systemwide configuration file.  This file provides
# defaults for users, and the values can be changed in per-user configuration
# files or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for various options

# Host *
#   ForwardAgent yes
#   ForwardX11 yes
#   RhostsAuthentication yes
#   RhostsRSAAuthentication yes
#   RSAAuthentication yes
#   TISAuthentication no
#   PasswordAuthentication yes
#   FallBackToRsh yes
#   UseRsh no
#   BatchMode no
#   StrictHostKeyChecking no
#   IdentityFile ~/.ssh/identity
#   Port 22
#   Cipher idea
#   EscapeChar ~

Ciphers 3des-cbc

Macs hmac-sha2-256


More information about the ssh_x509 mailing list