People frequently ask me what I am doing typing on my Palm right before logging in one of my remote systems. The answer is quite simple:
generating my next password . People always seem puzzled by that answer Maybe I am just too old to have had only telnet sessions available to remote connections (that was the time before
SSH took over)... or maybe I am just too paranoid regarding the access to my systems Anyway, I like One Time Passwords, and here is an article I can refer to when I get asked again ;-)
One Time Passwords are just that: passwords that are good for one time use. They never repeat and once used you can throw it away securely. They were quite common when the authentication was done in clear text (so that any man-in-the-middle could steal your passwords), back in the r-tools age (rcp, rsh, rlogin, rexec, etc). After the
SSH-related tools took over, providing easy tunneling and remote access,
MITM attacks were of much concern, so OTPs became less relevant. What a shame, for they even have a
couple of
standards for those!
But there s still room for OTPs Question: Is it easier to deploy a
MITM attack or a keylogger? That s right We are always connecting to our remote systems in public terminals (well at least I am right now typing from the hospital computer), and a
keylogger is so easily installed in one of those terminals, even remotely, that no one would ever get close to deploy a refined
MITM attack just to steal someone s password. One would just install a keylogger! All the security
SSH provides would just be gone by then. That s why I use
SSH to connect to my remote machines, but use OTPs to authenticate myself.
It s so easy to deploy it. In
Debian you ll find packages
opie-server and
libpam-opie and those are the only things you ll need on the server side (besides
SSH, obviously).
OPIE means One-time Passwords In Everything , and combined with
PAM, one can really use it
everywhere.
After installing it, you ll have to generate the password file for your account:
spectra@home:~$ opiepasswd -c
Adding spectra:
Only use this method from the console; NEVER from remote. If you are using
telnet, xterm, or a dial-in, type ^C now or exit with no password.
Then run opiepasswd without the -c parameter.
Using MD5 to compute responses.
Enter new secret pass phrase:
Again new secret pass phrase:
ID spectra OTP key is 499 ho6484
HAVE COOK LOLA AIRY NEIL ROAM
The pass phrase will be used to generate the passwords in a step before your login. Please, try not to forget it (specially if you re following this article and playing with some remote system at the same time). Now you can edit
/etc/pam.d/ssh file (or its equivalent in non-Debian systems) to require that kind of authentication. Mine just looks like this:
# /etc/pam.d/ssh
auth required pam_env.so
auth required pam_env.so envfile=/etc/default/locale
auth required pam_opie.so
First two lines are unrelated and just load the environment variables. Last line is where the fun is. Please, note two things: (1) I removed references to
pam_unix.so, which is what would ask for my real password, that I want to disable (no login is allowed with that password). And (2), I declared it as
required, meaning that failing it will keep one out of the system.
We are not ready yet!
SSH will work by now, but will not present you the
OTP challenge. Probably you could still login, but you d have to remember which is the current password (Trust me, you would not!). To get the challenge you ll need to enable it in
/etc/ssh/sshd_config change the following line:
ChallengeResponseAuthentication yes
That s it. Now to login to your remote machine, that s what will usually happen:
spectra@hospital:~$ ssh home
otp-md5 498 ho6484 ext, Response:
spectra@home:~$
Voil ! It asks for password #498. By default, it starts with 500 passwords and goes down from that. Password #498 were asked, so the next will be #497. After that, #498 is not useable anymore, and #496 is not useable yet. You can generate a list of those passwords (let s say 10), print it and keep it in your pocket. This is the command you d use for that:
spectra@home:~$ opiekey -n 10 498 ho6484
Using the MD5 algorithm to compute response.
Reminder: Don't use opiekey from telnet or dial-in sessions.
Sorry, but you don't seem to be on the console or a secure terminal.
Warning: Continuing could disclose your secret pass phrase to an attacker!
Enter secret pass phrase:
489: CALM INTO WEEK APS LOON VIE
490: HASH GYM RAID GOSH HOYT DUAL
491: BELL GIN RIFT HELM GUY BUNK
492: HEBE OBOE SUP LEG LULU LANG
493: HOYT JOT ASK JOG GIBE BETH
494: NASH MOOT HIND YEAH YAP CARL
495: MATE OF BARD LAVA LEAK AHOY
496: TAB BAG KEY GILT AVID VEAL
497: MOLE FORM NIB LEER ROSS HAVE
498: SING WERE OVEN SOD VEIN NIBS
That is not so secure, since you can loose the paper and be doomed Luckily there are lots of small softwares that does this generation for you. Some you can use from
your Palm or from some
J2ME-enabled phone (such as
N95). Some your can use from
another (trusted)
computer. Some are even online, written in
javascript!
There are at least one other side-benefit of using
OPIE as above: You can give away your user password (
even root password OK, probably not a Good Thing
TM), that the system would still be secure, since it only allows
SSH authentications via
OPIE! If the session is started with a username whose
opiepasswd was not activated (first step scroll back to the beginning of the article),
SSH will greet you with a bogus challenge only opie-activated users will be allowed to login with the above configuration.
Easy enough, isn t it? Now, next time you see me typing on my Palm before opening an
SSH connection you ll know what I am doing ;-)