SKey and OPIE
One of the major drawbacks of using conventional authentication is that if an attacker gains access to a password, they would be able to impersonate the user in question. But what if the password was different every time? The concept of one-time passwords is what inspired Bellcore engineers to design the S/Key system. By using a hash algorithm seeded by a small secret key (e.g., a password), the S/Key system allows you to use a predefined sequence of passwords to log onto a Linux server, using each password only once.
The success of this scheme hinges on the fact that it is extremely hard to predict the next password if the current one is learned. This is accomplished with a strong hash function (based on the MD4 algorithm) that uses a password as a seed value. A sequence of eight-byte passwords is then produced and translated into six English words. Every time the user wants to log on to the server, they have to use this six-word sequence as the password.
The server expects the last password of the sequence first and then expects the rest of the passwords in reverse order. This means that if an attacker gets hold of the current password, they would have to guess the previous password in the sequence, which would mean reversing the hash function. This is extremely difficult, given the strength of the MD4 algorithm.
In 1994, the U.S. Naval Research Laboratory (NRL) took the S/Key concept and re-implemented it using the stronger MD5 hashing algorithm. The so-called OPIE system (One-time Passwords In Everything) also introduces a number of bug fixes and includes an installation system that is much easier to use than the original Bellcore S/Key installation system.
Installing OPIE
RPM distributions of the OPIE system should be readily available from your favorite Linux repository. Simply download the latest package and install it using the following command:
Configuring OPIE
You need to perform three tasks to get OPIE running on your Linux server. First, create a file named /etc/opieaccess to define which network clients are allowed to use regular passwords and which network clients are allowed to use one-time passwords. By default, OPIE allows the use of both regular and one-time passwords, and you may want to have at least one host from which to log on using regular passwords in case you experience problems generating one-time passwords. This should be the local host (i.e., the console).
The general format of the /etc/opieaccess file is:
action network mask
The value of the action field can be either permit or deny. The network and mask fields denote the network to which the action pertains. Consider the following example where you allow the local host (127.0.0.1) as well as the entire 163.179.251.0 class-C network to use regular passwords, except for host 163.179.251.1, which, along with all other non-specified hosts, needs to provide an OPIE response to a challenge in order to successfully log on:
[ramon]$ more /etc/opieaccess
permit 127.0.0.1 255.255.255.255
permit 163.179.251.0 255.255.255.0
deny 163.179.251.1 255.255.255.255
Second, you need to replace the standard Linux /bin/login program with the OPIE login program (/usr/sbin/opielogin). Simply enter the following commands:
[ramon]$ sudo mv login login.ORIG
[ramon]$ sudo cp /usr/sbin/opielogin /bin/login
-rwxr-xr-x 1 root root 16508 Feb 26 22:34 /bin/login
Third and finally, you need to create an initial secret for each of the users that you want to authenticate via OPIE using the opiepasswd utility. You can set an initial password for them as root. In the following example, you use the -c option to signal that you are in a secure terminal (you should only set passwords on the system console). You also specify the -n 15 option to force opiepasswd to generate 15 one-time passwords for username alice:
[ramon]$ sudo opiepasswd -c -n 15 alice
Adding alice:
Only use this method from the console; NEVER from remote. If you are using telnet, xterm, or a dial-in, type ^C now or exit with no password.
Then run opiepasswd without the -c parameter.
Using MD5 to compute responses.
Enter new secret pass phrase:
Again new secret pass phrase:
ID alice OTP key is 15 re6667
BEER HANG ONTO DEAD WEAR DANE
Alternatively, you may want to rely on your users to set their own passwords:
[alice]$ opiepasswd -c -n 15
Adding alice:
Only use this method from the console; NEVER from remote. If you are using telnet, xterm, or a dial-in, type ^C now or exit with no password.
Then run opiepasswd without the -c parameter.
Using MD5 to compute responses.
Enter new secret pass phrase:
Again new secret pass phrase:
ID alice OTP key is 15 re6667
BEER HANG ONTO DEAD WEAR DANE
This is the same command as the one from the previous example, but since user alice executes it herself, she does not need root privileges.
WARNING Only use the opiepasswd command when logged in using a secure terminal, one that is physically connected to the target system, typically the system console. If exposed in the clear, the secret passphrase is subject to eavesdropping, which defeats the whole purpose of using one-time password authentication.
As you can see, there are three arguments to the opiepasswd command:
opiepasswd -c -n sequence username
These fields have the following meanings:
■ The -c argument informs the utility that you are using a secure terminal, and it is okay to set the passphrase over this connection.
■ The -n sequence argument sets the number of one-time passwords on the sequence (more on that in the next section).
■ The username informs opiepasswd of the username for which it is initializing a secret passphrase.
Using OPIE
Now that you have initialized the OPIE login for Alice, she is ready to log on to the target system and authenticate using a challenge/response one-time password. Since you have installed the OPIE-specific /bin/login program, any interactive-access daemon such as telnet or rlogin forces Alice to authenticate using an OPIE response to a challenge, unless the network that she's attempting to log in from has been included in the /etc/opieaccess file. In that case, she can either issue a response or use her regular Linux password.
If Alice is on host atlantis and wishes to log on to the remote host challenger using OPIE, she is presented with the prompt in Listing 13.17.
Listing 13.17 Logging on to a remote host using OPIE
[alice]$ hostname
atlantis
[alice]$ telnet challenger
Connected to challenger (192.168.1.2).
Red Hat Linux release 7.0 (Guinness)
Kernel 2.2.16-22 on an i686
login: alice
otp-md5 15 re6667 ext
Response:
At this point, alice has two options. The first option is to use the otp-md5 utility on her own system (atlantis) in another xterm window, as shown in Listing 13.18.
Listing 13.18 Using the otp-md5 utility in an xterm window
[alice]$ hostname
atlantis
[alice]$ otp-md5 15 re6667 ext
Using the MD5 algorithm to compute response.
Reminder: Don't use opiekey from telnet or dial-in sessions.
Enter secret pass phrase:
BEER HANG ONTO DEAD WEAR DANE
The otp-md5 utility simply generates a one-time password using the MD5 hashing algorithm. It takes two arguments:
otp-md5 sequence seed
The sequence is the number of MD5 iterations that the otp-md5 utility uses to hash the seed into a one-time password (the response). Note that both the sequence (15) and the seed (re6667) are included in the challenge in the previous example. Once the response has been calculated, Alice can simply cut it from the atlantis window and paste it at the prompt in the challenger window, as follows:
login: alice
otp-md5 15 re6667 ext
Response: BEER HANG ONTO DEAD WEAR DANE
Last login: Tue Feb 27 15:38:47 from atlantis
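The arithmetic behind the challenge/response above, as an added example (not code from the book or from the OPIE sources): the RFC 2289 MD5 hash chain that otp-md5 and opiepasswd compute, and the server-side check from the S/Key discussion, where the server keeps only the last accepted password and verifies a response by hashing it one more time. The names OpieVerifier, word_indices and the sample pass phrase are assumptions of this example; the 2048-word dictionary is omitted, so word_indices returns dictionary indices and otp returns the raw 8 bytes (the RFC hex form).

```python
import hashlib


def fold_md5(data: bytes) -> bytes:
    """MD5 the input and fold the 16-byte digest to 8 bytes by XORing its halves."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))


def otp(sequence: int, seed: str, passphrase: str) -> bytes:
    """One-time password for a sequence number: the (case-insensitive) seed is
    prefixed to the pass phrase, folded once, then folded `sequence` more times."""
    key = fold_md5(seed.lower().encode() + passphrase.encode())
    for _ in range(sequence):
        key = fold_md5(key)
    return key


def word_indices(key: bytes) -> list:
    """Six-word form without the dictionary: append a 2-bit checksum (sum of all
    bit pairs mod 4) to the 64 bits and cut the 66 bits into six 11-bit indices
    into the RFC 2289 word list (not embedded here)."""
    n = int.from_bytes(key, "big")
    checksum = sum((n >> shift) & 3 for shift in range(0, 64, 2)) % 4
    bits = (n << 2) | checksum  # 66 bits, checksum in the low two
    return [(bits >> (55 - 11 * i)) & 0x7FF for i in range(6)]


class OpieVerifier:
    """Server side (hypothetical name). Holds only the last accepted password,
    one hash step above the next expected one; the pass phrase is never stored."""

    def __init__(self, initial: int, seed: str, passphrase: str):
        # Enrolment as opiepasswd does it on the console: store the top of the
        # chain and ask for the password one step below it first (RFC 2289).
        self.seed = seed
        self.last = otp(initial, seed, passphrase)
        self.sequence = initial - 1

    def challenge(self) -> str:
        return f"otp-md5 {self.sequence} {self.seed}"

    def verify(self, response: bytes) -> bool:
        """Accept only if one more fold of the response reproduces the stored value;
        the response then replaces it, so a replay fails and the count goes down."""
        if fold_md5(response) != self.last:
            return False
        self.last, self.sequence = response, self.sequence - 1
        return True
```

Because each accepted response is stored and the next expected one is its MD5 preimage, an eavesdropper who captures a response learns nothing usable for the next login.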
Alice's second option is to pre-print a number of one-time passwords and keep the entire sequence with her. She can use the otp-md5 utility to do this by specifying the -n sequence option, as shown in Listing 13.19.
Listing 13.19 Using the otp-md5 utility to pre-print one-time passwords
Using the MD5 algorithm to compute response.
Reminder: Don't use opiekey from telnet or dial-in sessions.
Enter secret pass phrase:
1: SAP GRAD COT BOWL BOLD TASK
2: OLAF DATA JIVE COLD REIN IRE
3: GRID TAR FUNK FIND TWIG TOAD
4: HAP WILD KONG TWIT HYMN HERS
5: GAIL SUNK READ CLAW HALL DAR
6: EDIT RUDY SAN BAG HATH SUE
7: TOW LEO DUAL TINA HATE BUB
8: BEAN ROVE SALT BOSE RECK BOLT
9: TOE MITE GAM GINA REB RODE
10: HACK MARC JAY CEIL SUM DARE
11: SIRE AD IONS RUE RASH LOB
12: TROD BOGY CEIL GREW NIL LUND
13: TEN DUB SAD MORT FORE REB
14: YET MART VEND IOWA TOE MONK
15: BEER HANG ONTO DEAD WEAR DANE
Or, if Alice would like to print out the list so she can take it with her, she would enter the following command:
Note that every time Alice successfully logs on to challenger with her OPIE response, the sequence number is decremented by one. So the next time she will be prompted with the 14th challenge.
As you can see, there is a fair amount of up-front work to be done to set up OPIE, but once it is ready, the advantages over regular username/password authentication are obvious: There will never be a need to expose user passwords in the clear again.