Subject: Re: setuid ssh
To: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
From: Andrew Brown <atatat@atatdot.net>
List: tech-security
Date: 10/18/2000 10:13:40
Date: Wed, 18 Oct 2000 10:13:40 -0400
Cc: Atsushi Onoe <onoe@sm.sony.co.jp>, cjs@cynic.net,
   hubert.feyrer@informatik.fh-regensburg.de, tech-security@netbsd.org
Message-ID: <20001018101339.A29982@noc.untraceable.net>
Reply-To: Andrew Brown <atatat@atatdot.net>
References: <atatat@atatdot.net> <20001018141036.1EB702A2A@orchard.arlington.ma.us>
In-Reply-To: <20001018141036.1EB702A2A@orchard.arlington.ma.us>; from sommerfeld@orchard.arlington.ma.us on Wed, Oct 18, 2000 at 10:10:30AM -0400

>> ...unless it used the long term private half to sign the short term
>> public half that the agent was storing.  
>
>That's what I said:
>
>> >use the user's long-term key to sign a short-term "certificate"
>> >saying that the temporary keypair is equivalent to the long-term
>> >key for some (short) lifetime."
>
>so, moving on:

okay, but i was just rephrasing to test my understanding.  :P

>> ssh-agent would never need to know about the long term key.
>
>correct; the signing could happen in ssh-add.

good.

>> ...of course, a new form of rsa authentication would have to be added:
>> SSH_AUTH_RSA_RSA with the long term public piece, the signature on the
>> short term public half that the long term public half can be used to
>> verify, and the short term public half.  
>
>you want to sign more than just the short-term key; you also need to
>sign a mini-certificate including a validity period so that the end
>server can enforce expiration of the short-term key.

a mini-certificate?  it could just be a time_t, yes?  appended to the
key before hashing for signing, and then kept with it.  or am i again
simply restating what you said?

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."
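
Added example, not part of the original message or of any ssh implementation: a sketch of the scheme discussed in the thread, where the long-term key signs the short-term public key with an expiry time_t appended before hashing, and the server enforces that expiry. Assumptions: the names `delegate` and `server_accepts` are hypothetical, the key is a constructed toy built from Mersenne primes, and the signature is unpadded textbook RSA, used only so the example runs without a crypto library.

```python
import hashlib
import struct

# Constructed toy long-term RSA key built from two Mersenne primes so the
# example needs no crypto library. Trivially factorable: demonstration only.
P, Q = 2**521 - 1, 2**607 - 1
LT_N, LT_E = P * Q, 65537
LT_D = pow(LT_E, -1, (P - 1) * (Q - 1))   # long-term private exponent


def _digest(short_pub: bytes, expires: int) -> int:
    # The expiry (a 64-bit time_t) is appended to the key before hashing,
    # so the signature covers both the key and its lifetime.
    blob = short_pub + struct.pack(">Q", expires)
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")


def delegate(short_pub: bytes, expires: int) -> int:
    """ssh-add side: sign short-term key + expiry with the long-term key."""
    return pow(_digest(short_pub, expires), LT_D, LT_N)


def server_accepts(short_pub: bytes, expires: int, sig: int, now: int) -> bool:
    """Server side: verify with the long-term public key, then enforce expiry."""
    if pow(sig, LT_E, LT_N) != _digest(short_pub, expires):
        return False          # key or expiry is not what the long-term key signed
    return now < expires      # correctly signed, but only valid until expiry


# Constructed sample values.
SHORT_PUB = b"constructed-short-term-public-key"
ISSUED = 971878420            # 2000-10-18 14:13:40 UTC
EXPIRES = ISSUED + 3600       # one-hour lifetime
SIG = delegate(SHORT_PUB, EXPIRES)
```

Because the expiry is inside the signed data, a holder of the short-term key cannot extend its lifetime without invalidating the signature. A real exchange would also require the client to prove possession of the short-term private key, which this sketch leaves out.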