This article is the second part of the OpenSSH and demonstrates configurations as well as tricks that make using the protocol more secure.
To begin, let’s concentrate on the One Time Password (OTP). We are going to achieve our already secure SSH in conjunction with OTP for remote system connections. At first, in algorithmic meaning, OTP is a character string which should never repeat. However, “never” is a notion near infinity that never achieves it. Secondly, OTP has a discrete form of existing. The lifetime is finite and stands unchanged for seconds, minutes, possibly months or years.
Imagine you have a system which generates a new character string every minute, and let’s name it as our OTP. The exemplary system uses 26 characters of an alphabetical array [a, b, …, z] (lower-case letters only) and 10 characters of digits [0, 1, …, 9]. OTP is 16 characters long and includes characters from the mentioned arrays. So, we can obtain from the example such character strings:
rwsyqhz45gtbuwhd
gbmmx5dlcytq60in
t27l5m86yqkslvb0
How many different character strings can we generate? What is the probability of guessing the correct character string? Let’s go back to the math.
Count of the number of possible characters to use:
26+10=36 [a, b, …, z, 0, 1, …, 9]
Length of the character string (OTP): 16. Now, step-by-step:
1) The first character of the string can be randomly selected as 1 from 36, hence we have 36 options of that.
2) The second character of the string can be randomly
selected as 1 from 36 as well, and hence we still
have 36 options for this character.
3) The third character of the string can be randomly selected
as 1 from 36 and have 36 options as well.
… 16) The last character of the string can be randomly selected
as 1 from 36 and we have 36 options.
We assume that the characters can be the same and, in
this particular case, all 16 characters can be the same.
A combination of all characters in our 16 long string is
equal (step-by-step).
1) We have a one character string: 36 different character strings.
2) We have a two character string: 36 multiply 36 is equal to 1296 (36*36=1296) different character strings.
3) We have a three character string: 36*36*36= 46656 (363=46656) different character strings.
… 16) We have a sixteen character string: 3616= 7958661109946400884391936 different character strings.
Is the number huge? Let’s check.
We will assume that we change our OTP once every minute and the OTP “never” repeats. There are 1440 minutes in one day. There are 365.25 days in one year. For how many days shall we have different character strings?
7958661109946400884391936 divided by 1440 is equal to 5526847993018333947494.4 days.
For how many years shall we have different character strings?
5526847993018333947494.4 divided by 365.25 is equal to around 15131685128044719911 years. Around 15 quintillion years (in short scale) for IT guys, it’s the same as 15*1018 years (15 ExaYears). If you are interested in learning all the scales, (short and long), look at the website en.wikipedia.org/wiki/Long_and_short_scales.
To compare that number with something similar, know that the lifetime of the proton (predicted) is equal to 3*1040 seconds, the age of the universe is equal to 5*1017 seconds, and our number of different OTPs is equal to around 7.95*1024. The probability of guessing the OTP is 1 to 7.95*1024.
The machine, (computer, especially CPU), can work for one minute to find out the OTP. The probability of guessing the OTP during one minute by the fastest computer in the world (www.top500.org) with a performance of 33.86 petaflops per second (33.86*1015 flops/s) is around (33.86*1015 )*60 / 7.95*1024 = 2,55*10-6 (0,000255%). Note: it’s a very simple comparison and there are many searching algorithms which could be used to speed up finding out the OTP, but the probability of the worst case scenario shows the scale.
We can argue that our 16 long One Time Password is secure enough. If we try to use not a 36 character array, but the ASCII table of characters, we shall have 12816 OTPs. Try to compute this and compare with the known universe mass equal to 1*1053!
Let’s go back to our SSH. We will explore a few methods of generating and using an OTP but first, we shall get familiar with passwords on Unix systems. Both FreeBSD and OpenBSD systems keep passwords in the /etc/master.passwd file and the user password is encrypted by one of the algorithms set in the /etc/login.conf (find string :passwd_format= in FreeBSD and :localcipher= in OpenBSD).
There are many hash functions that can be used to calculate the encrypted password: DES, Blowfish, MD5, SHA256, SHA512 etc. By default FreeBSD uses SHA512 and OpenBSD uses Blowfish with 6 iterations.
It’s good to know more about the content of the master. passwd file which stores the encrypted user’s passwords.
Look at the command below:
# cat /etc/master.passwd | grep John
John:$1$4yQeiBqO$AZOv/r0Q4DcxkF5KvcKN8/:1001:0:admin:0:0:J
ohn Buzz:/home/John:/bin/sh
Special data is separated by the $ sign and the hashed password $1$4yQeiBqO$AZOv/r0Q4DcxkF5KvcKN8/ is described
below:
1 means MD5 algorithm.
4yQeiBqO is a salt used to make the password more difficult to find out. Salt is generated by the first two characters of the encrypted password. AZOv/r0Q4DcxkF5KvcKN8/ is the encrypted password.
As previously stated, FreeBSD uses SHA512 by default, (which would display the number 6 behind the first $ sign), but one can change it to MD5 by adding the following lines to /etc/login.conf.
admin:
:passwd_format=md5:
To apply the above changes, run the following command.
# cap_mkdb /etc/login.conf
The same command works for OpenBSD as well. Note: the MD5 hash function is worse than SHA512. Worse means that it takes less computing to break the hash. I only showed as an example, how generating a new password should work and how to change the hash function. If your system still uses DES, MD5 or other weak functions, change it.
You could come up with the idea to just replace the string in the master.passwd file, but it’s not as easy as coming up with the idea. Let’s use third party applications to generate our OTP.
For security and information reasons, try to tinker and change some of the following values for a particular user or a group in the login.conf file. Are some of them combined with SSH? Yes: “welcome” for sure. The rest of the options should be clear. Default values from my OpenBSD and FreeBSD respectively. For more information about the login.conf file, look at the command man login.conf.
default:
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin
/usr/local/bin /usr/local/sbin:
:umask=022:
:datasize-max=512M:
:datasize-cur=512M:
:maxproc-max=256:
:maxproc-cur=128:
:openfiles-cur=512:
:stacksize-cur=4M:
:localcipher=blowfish,6:
:ypcipher=old:
:tc=auth-defaults:
:tc=auth-ftp-defaults:
default:
:passwd_format=sha512:
:copyright=/etc/COPYRIGHT:
:welcome=/etc/motd:
:setenv=MAIL=/var/mail/$,BLOCKSIZE=K:
:path=/sbin /bin /usr/sbin /usr/bin /usr/games /
usr/local/sbin /usr/local/bin ~/bin:
:nologin=/var/run/nologin:
:cputime=unlimited:
:datasize=unlimited:
:stacksize=unlimited:
:memorylocked=64K:
:memoryuse=unlimited:
:filesize=unlimited:
:coredumpsize=unlimited:
:openfiles=unlimited:
:maxproc=unlimited:
:sbsize=unlimited:
:vmemoryuse=unlimited:
:swapuse=unlimited:
:pseudoterminals=unlimited:
:priority=0:
:ignoretime@:
:umask=022:
FreeBSD and OpenBSD use different applications to generate the OTP for us. OpenBSD uses S/Key system and FreeBSD uses OPIE. Let’s start for FreeBSD. FreeBSD OTP by OPIE (One-Time Passwords in Everything)
There is a seed that consists of two letters, five digits and an iteration count. The OTP is created by concatenating a secret password with the seed and then applying the hash function MD5 as many times as the iteration count states. Then the OPIE turns the result into six words as our OTP. Let’s assume that we are logged in to our system via SSH. Here are the step-by-step instructions to run OTP. Initialization (please be logged on as a standard user not privileged):
# opiepasswd -c
And output (system requests for the pass phrase for user
John):
Adding John:
Only use this method from the console; NEVER from remote.
If you are using
telnet, xterm, or a dial-in, type ^C now or exit with no
password.
Then run opiepasswd without the -c parameter.
Using MD5 to compute responses.
Enter new secret pass phrase:
Again new secret pass phrase:
ID John OTP key is 499 mo3726
TACK LOP AN ADEN GIFT BEND
499 – sequence number
mo3726 – seed
At this time, if user John tries to log in via SSH, he is asked to type the OTP. Where is the password? Password is generated on the other machine using the following command:
$ opiekey 498 mo3726 ext
Using the MD5 algorithm to compute response.
Reminder: Don’t use opiekey from telnet or dial-in sessions. Enter secret pass phrase:
WAS KURD LOG MONA BONE DRUG
Copy WAS KURD LOG MONA BONE DRUG into the terminal where you’re trying to log in and asking for a password. The Listing 1 depicts the result.
If you didn’t read the first article, please be informed that MATRIX, Attempts, left and Unlock key texts are my own application prompts. You can try it by downloading from www.iptrace.pl (go to Download and click on a Download Locker button). The application is free of charge on the BSD Licence. Please send any suggestions and bugs found at the Locker via e-mail to locker@iptrace.pl. If you want to generate more than one OTP, run the following command. Option –n and then a value to indicate the number of OTPs.
$ opiekey -n 5 498 mo3726 ext
Using the MD5 algorithm to compute response.
Reminder: Don’t use opiekey from telnet or dial-in sessions. Enter secret pass phrase:
494: LAY REAL RASH JUJU LANG LINE
495: SAIL DOCK TILE MIRE SOY NULL
496: YAM WEAR ROAM FIST TWIN SUE
497: TRAM CANT FOLK AFRO OVA BAND
498: WAS KURD LOG MONA BONE DRUG
Please bear in mind that it’s not a good solution to generate a password on the first system to log into a second one. If you want to have all SSH terminals (systems) blocked by OTP use an MS Windows application to generate an OTP. See the following screenshot of that application. You can download WinKey from ftp://ftp.irisa.fr/pub/OTP/. Note: the OTP generated by OPIE doesn’t change the real UNIX passwords in master.passwd file. To disable using OPIE run the following command:
$ opiepasswd –d John.
To allow logging in for users from specified IP addresses or networks via UNIX password and bypass OPIE, change the settings in the /etc/opieaccess file. But you can still use OTP if needed. So you have two ways to get the system.
OpenBSD OTP by S/Key (One-Time Passwords in Everything)
The S/Key uses a secret pass phrase with challenge. Conceptually, the workings of S/Key are similar to OPIE.
Let’s assume that we are logged in to our system via SSH. Here are the step-by-step instructions to run the OTP generator.
Initialization (please be logged on as a privileged user,root) to create the /etc/skey directory:
# skeyinit -E
Re-login as a standard user, for my example the user is
John, then run the following command.
# skeyinit
And output (system requests for the pass phrase for user
John):
Reminder – Only use this method if you are directly
connected
or have an encrypted channel. If you are using telnet,
hit return now and use skeyinit -s.
Password:
[Adding John with md5]
Enter new secret passphrase:
Again secret passphrase:
ID John skey is otp-md5 100 utm167228
Next login password: SEAL TEEN FROG HAWK WADE RID
Yes, you’re right. It’s almost the same as for OPIE. So, it’s easy to go through the rest of the tour.
# skey 100 utm113739
Reminder – Do not use this program while logged in via telnet.
Enter secret passphrase:
SARA CHIN WATT KNEW CUB SCOT
Once again, if you want to generate more than one OTP, run the following command. Option –n and then a value that indicates the number of OTPs.
utm1:~> skey -n 5 100 utm113739
Reminder – Do not use this program while logged in via
telnet.
Enter secret passphrase:
96: DOES BLAT TILT NOLL NARY HUT
97: WARN TWIG FREE TRAY SIGH AIDE
98: LENT BURN GEL GOES CHAD LOOT
99: SHOW AWE TINA LIED WATT WANT
100: SARA CHIN WATT KNEW CUB SCOT
Again, we use WinKey to generate OTP (Figure 2). The last one change in OpenBSD is to replace one row in the login.conf file. See what data should be correct.
auth-defaults:auth=skey,passwd:
For security reasons change the second line as well.
auth-ftp-defaults:auth-ftp=skey,passwd:
To apply the above changes run the following command.
# cap_mkdb /etc/login.conf
If you’re not going to use password authorization in the near future, delete the password value from the above to enforce using the OTP only. It does not work for root, who always can get on the system using a standard Unix password. Note: we don’t generate the OTP for a privileged user, root, due to maintenance, to not make the authentication track more complicated, and for ease of using an account from the console. You have to know that OpenBSD behaves differently than FreeBSD during logging using the su command. Even though we have not created the OTP for root, OpenBSD asks for it. To prevent this use the following command when you log in from a standard user.
# su –a passwd
Let’s look for the logging successful process (Listing 2).
Remember, if a counter is going to 0 (zero), it’s important to reinitialize the counter again. Use the following commands for OpenBSD and FreeBSD respectively, otherwise you won’t be able to log in.
# skeyinit
# opiepasswd -c
Conclusions
Using One Time Passwords (OTPs) is a very good approach to improving system authorization security. In conjunction with public/private keys, Unix passwords and some OpenSSH defences, OTP ensures great security without too much of a decrease in functionality.
In the next series you will find out more about:
• VPN tunnelling – creating Virtual Private Networks using OpenSSH
• SFTP – known as SSH File Transfer Protocol to opposite of a standard FTP
About the Author
Arkadiusz Majewski comes from Poland. He has 15 years’ experience with ICT technologies, including 15 years of IT networks, 10 years of BSD systems and MS Windows Server solutions. He has also 5 years’ experience with programming languages and Telco solutions. He’s interested in security on all business and ICT levels. In his free time he reads ICT books, and deepens his knowledge about science (math, physics, chemistry). His hobby is cycling and motorization. He’s a graduate of Warsaw Information Technology under the auspices of the Polish Academy of Sciences. Feel free to contact the author via e-mail bsd.magazine@iptrace.pl.
