[Twisted-Python] twisted.conch.checkers.SSHPublicKeyDatabase validate signature data

Adi Roiban adi at roiban.ro
Mon Apr 22 07:35:48 EDT 2013

On 22 April 2013 12:01, Adi Roiban <adi at roiban.ro> wrote:

> Hi,
> In RFC 4252 http://www.ietf.org/rfc/rfc4252.txt for The Secure Shell
> (SSH) Authentication Protocol at section 7. Public Key Authentication
> Method: "publickey"
> There is the following information about SSH public key signature.
>  The value of 'signature' is a signature by the corresponding private key over the following data, in the following order:
>       string    session identifier
>       byte      SSH_MSG_USERAUTH_REQUEST
>       string    user name
>       string    service name
>       string    "publickey"
>       boolean   TRUE
>       string    public key algorithm name
>       string    public key to be used for authentication
>    When the server receives this message, it MUST check whether the supplied key is acceptable for authentication, and if so, it MUST check whether the signature is correct.
> The current code check that key is accepted for authentication and it also
> verifies if signature is correct.
> It does not check that session the format of the signed data, especially
> if session identifier from signed data is  the same as the session of the
> the current SSH transport  session.
> -----
> I also found this document describing how ssh public key authentication
> works, but it differes from the current conch.ssh userauth.py
> implementation... maybe it is for SSH v1
> http://www.unixwiz.net/techtips/ssh-agent-forwarding.html#chal
> ------
> Shouldn't twisted.conch.checkers.SSHPublicKeyDatabase also check that
> session id from signed data match the one from transport session?
> Maybe it does but I am not looking at the right place.
> I see that in conch/checkers.py line 167
> https://github.com/tomprince/twisted/blob/trunk/twisted/conch/checkers.py#L167
> there is this check, which once signature is valid  it just returns
> avatar_id:
>                 if pubKey.verify(credentials.signature,
> credentials.sigData):
>                     return credentials.username

I found out that I was wrong and I found how the signed data is generated.
Here is the imprtant part:

Sorry for the trouble!
Adi Roiban
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://twistedmatrix.com/pipermail/twisted-python/attachments/20130422/7e40ecb8/attachment.htm 

More information about the Twisted-Python mailing list