Perfect Paper Passwords and SSH on Linux

I’m a listener of the Security Now podcast from the TWiT network, and a couple of episodes ago Steve Gibson talked about a one-time password system he had created, called Perfect Paper Passwords, and explained how it works.

The community has taken this system and developed ways to build it into other software so that it can be used to better secure servers and other applications. One project on Google Code created a PAM module for Linux and Mac OS X so that users can implement PPP.

I have applied it to my SSH server so that my logins require me to enter an OTP. For more details on how it works you can check episodes 115 and 117 of Security Now. I’ll try to explain how it works, on a more general level, and how I implemented it on my current infrastructure.

Perfect Paper Passwords is built on the idea that the user carries a piece of paper with a series of passcodes, each made up of random alphanumeric and special characters, and enters one of them when logging in to a system protected this way. Since the point is never to use the same password for two logins, the piece of paper holds many passcodes, and once one of them has been used it is never used again.

One-time password systems are not new to the industry; banks and other enterprises have implemented them using tokens. A token is a small hardware device that generates a new code at fixed intervals, and the user is asked for the current code when logging in. The main difference between a token and PPP, at least in my opinion, is that PPP is inexpensive because there is no hardware to purchase and maintain. For more information and a web demo, visit the Gibson Research Corporation at: https://www.grc.com/ppp.htm

I downloaded the PAM module, which you currently need to compile yourself on most distributions, from the Google Code project site, and then verified that I had the dependencies before compiling. The code is available at: http://code.google.com/p/ppp-pam/

The dependencies are:

  • subversion
  • make
  • gcc
  • g++
  • libc6-dev
  • uuid-dev
  • libpam0g-dev
  • openssh-server

    Subversion can be skipped: it is only needed if you want the latest development tree rather than the stable release tarball. The rest are a must. Since we are implementing this with SSH we will also need an SSH server installed, although, being a PAM module, it can be used by any PAM-aware service on the system.

    Since I’m installing this on a Debian machine I’ll show the Debian commands. I’ll also show the Arch Linux commands, since I have Arch installed on other systems on my network.

    Debian:

    $ sudo apt-get install make gcc g++ libc6-dev uuid-dev libpam0g-dev openssh-server

    ArchLinux:

    $ sudo pacman -S make gcc glibc openssh

    On my Arch Linux machines the compilation ran fine without installing anything else. To make sure it wasn’t just my system, I also compiled the PAM module on another Arch Linux server that has much less installed than my workstation, so you should be fine with just those four packages on that distribution.

    The following commands apply to any distribution, since they don’t install packages but compile and install the PAM module itself. The first step is to download the source code; if, like me, you would rather work on the console than in a GUI, you will most likely use wget:

    $ wget http://ppp-pam.googlecode.com/files/ppp-pam-0.2.tar.gz

    The module is currently at version 0.2, although version 0.3 appears to be coming out soon, so it should be as easy as replacing 0.2 with 0.3 in the filename when it does. According to the information on the project site, which I must say isn’t much, version 0.2 still implements version 1.0 of Steve’s PPP system, which is now old: he has already released version 2.0, and that version includes security enhancements. From what I read about version 0.3 of the module, it will support both versions but recommend migrating to the newer PPP, which requires generating a new set of cards, as they are called, for the passcodes.

    One of the listeners found that version 1.0 had a minor flaw in the way passcodes were generated: the same passcode could appear twice, even in adjacent positions. This does not make a system using it as vulnerable as one with no OTP at all, and the chance of it happening is not common enough to be a major issue, but, as they say, better safe than sorry, so it was fixed in the new version by changing the algorithm used to generate the passcodes. I’m currently waiting for the stable version 0.3 of the module, which is in testing, so that I can upgrade.

    After downloading the gzipped tarball you can decompress it:

    $ tar xvzf ppp-pam-0.2.tar.gz

    This will create a directory called ppp-pam containing all of the module’s source code. Among the files and directories you will see one called build, so we’ll go into that directory:

    $ cd ppp-pam/build

    At this point we have everything ready to start the compiling of the module, simply run the following commands:

    $ ../configure

    $ make

    Most will be familiar with those two commands, but for those who aren’t: configure checks for dependencies and make actually compiles the program. The next command installs the module. There isn’t much to the installation; it basically copies the module from the build directory you are in to /lib/security. Just run:

    $ sudo make install

    This only works if PAM is set to look for its modules in /lib/security, which is the case on most distributions. On 64-bit distributions the directory may differ: if PAM looks in /lib64/security, the command above fails and you have to copy the file there yourself. The quickest way to tell is to check where the distribution’s own modules, such as pam_unix.so, already live. For /lib64/security the command is:

    $ sudo cp pam_ppp.so /lib64/security/

    At this point the work on the PAM module is complete: it is compiled and copied to the correct directory. To generate the pass cards you need the pppauth application. If you ran make install above it is in /usr/bin; if you didn’t, it is still sitting in the build directory.

    Next, I recommend that you generate the key before enabling the PAM module for SSH or anything else. The pppauth application is what you use to generate the cards, but first let’s look at its options. According to the documentation written for the pppauth tool, which can be found at http://groups.google.com/group/ppp-pam/web/documentation, these are the options:

    -k, --key
    -a, --alphabet <string>
    -s, --skip
    -h, --html
    -t, --text
    -m, --name <name>
    --next <num>
    -c, --card <num>
    -p, --passcode <RRC[NNNN]>
    --passphrase <phrase>
    --dontSkip
    --showPasscode
    -v, --verbose

    To generate a new key you use the -k option; the key is saved automatically in the .pppauth directory under the user’s home directory. That key is the secret the whole scheme rests on: anyone who can read it can compute every passcode, so make sure the directory is readable only by its owner. The -a and -m options modify the key being generated. The -a option sets the characters that may appear in the passcodes printed on the cards; the default character set is:

    !#%+23456789:=?@ABCDEFGHJKLMNPRS
    TUVWXYZabcdefghijkmnopqrstuvwxyz

    This character set leaves out characters that look alike, such as the digit zero (0) and the letter O, so that the user does not get confused when typing a passcode. You can change it to any characters you want, and the passcodes will only contain those characters.

    The -m option just adds a name to the card to help you identify it, which is especially useful when you have multiple cards and keep them together.

    The tool can only issue the pass cards, as they are often called, in two formats: plain text on the console or an HTML file. Not all distributions behave the same (Ubuntu seems to have problems here), and people have reported issues generating a pass card in HTML format, so the text format is recommended.

    To generate the first pass card you would run the following command:

    $ pppauth -t -m <name> -c 1 -v -k

    That generates the first card for the new key being created. Replace <name> with whatever name you want to give this set of pass cards. To print the next card, run:

    $ pppauth --next 1 -t

    The number 1 in the example above is how many cards are printed at a time, so changing it to 4, for example, prints 4 pass cards to the screen or HTML file.

    Now to activate this authentication method you would simply add the line:

    auth       required       pam_ppp.so

    The line goes in the auth section of the file, and its position decides the order of the prompts. If you want the user’s UNIX password to be requested first, add it just below the line that reads “@include common-auth”; if you only want PPP authentication, comment that line out. Having both enabled is more secure, because it gives you multi-factor authentication: something only you know and something only you have, or at least should ;)

    Now, where exactly do you add that line? It goes in the pam.d configuration file of the service you intend to protect. In my case I only wanted PPP authentication for SSH, so I added the line to the /etc/pam.d/ssh file; keep in mind that this filename varies from distribution to distribution.

    After I did that I ran into a problem where it would only ask me for the UNIX password when I attempted to SSH into the server, but entering either the UNIX password or the PPP code wouldn’t let me in. After researching I found a document that suggested putting in the lines:

    auth       requisite       pam_unix.so

    auth       requisite       pam_ppp.so

    This actually worked: I was able to log in using the UNIX password and the PPP code, but since I had left the “@include common-auth” line in, I was prompted for the UNIX password twice when I connected to the server. In the end I commented out both that line and the pam_unix.so line. If you only comment out the “@include common-auth” line it will ask for the UNIX password once; since I commented out both, it now only asks for the PPP passcode.

    Just remember to restart sshd after any changes that you’ve made so that they take effect.
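    For reference, this is what the two arrangements look like in a complete auth section. It is an added example, not taken from the post or from the ppp-pam project; the filename (ssh vs. sshd) and the exact contents of your distribution’s common-auth will differ. One check the post does not mention: sshd only relays prompts beyond the password to a PAM module when it is configured with UsePAM yes and ChallengeResponseAuthentication yes (keyboard-interactive authentication), so verify /etc/ssh/sshd_config before blaming the PAM stack.

```text
# /etc/pam.d/sshd (Debian: /etc/pam.d/ssh), auth section only.
# account/session/password sections are left as your distribution ships them.

# Two-factor: UNIX password first, then a PPP passcode.
# 'requisite' stops the stack on the first failure, so a wrong password never
# reaches pam_ppp and never burns a passcode (that limits the lockout attack
# described below, at the cost of telling the attacker which factor failed;
# 'required' runs both modules and hides that, but consumes a passcode per try).
auth       requisite      pam_unix.so
auth       requisite      pam_ppp.so
# Do not also keep "@include common-auth" here: it pulls in pam_unix.so a
# second time and you are asked for the UNIX password twice.

# PPP passcode only (no UNIX password): drop the pam_unix.so auth line and
# the common-auth include, leaving just
#auth       requisite      pam_ppp.so

# /etc/ssh/sshd_config settings PAM needs in order to issue its own prompts:
#   UsePAM yes
#   ChallengeResponseAuthentication yes
```

    With the two-factor variant, a PPP passcode is requested only after pam_unix has accepted the password, so a remote guesser cannot advance the passcode counter without first knowing the password.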

    A pass card consists of rows and columns of 4-character codes. When you log in you are asked for a passcode, and the prompt tells you which one to enter, so it looks something like:

    Passcode 2E [1]:

    That tells the user to enter the code located at row 2, column E, on the first pass card. After every attempt, failed or successful, the next code is requested the next time the user tries to log in. Some users may find it annoying that a failed attempt moves on to the next code; this can be disabled by adding the --dontSkip option to the command used to generate a new key, after which the system keeps asking for the same code until it is entered correctly. The default, asking for the next code even after a failure, is considered somewhat insecure because it opens a denial-of-service attack: an attacker keeps entering wrong codes until the code being requested falls outside the cards the user has printed, locking the user out. Bear in mind the trade-off, though: with --dontSkip an attacker gets unlimited guesses at one fixed 4-character code, so pair it with login rate limiting or a lockout module.

    It is said that this method should only be an extra layer of security, not the only one, especially given the issue just mentioned.
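    To make the addressing and the skip behaviour concrete, here is a small Python model of what the PAM module has to track on the server side. This is an added illustration, not the ppp-pam module or Steve Gibson’s generator: it derives passcodes with HMAC-SHA256 over a counter as a stand-in for PPP’s own scheme, and it assumes a card of 10 rows by 7 columns (A to G), 70 passcodes per card; the post only shows that prompts look like “Passcode 2E [1]:”. The key and the “0000” attacker input are constructed for the demo.

```python
"""Model of the PPP card addressing and passcode counter described above.

Added illustration, NOT the ppp-pam module or the real PPP generator.
Assumptions (not from the post): passcodes are HMAC-SHA256 over a 128-bit
counter instead of PPP's AES-based scheme; a card is 10 rows x 7 columns
(A..G), 70 passcodes, filled row by row.
"""
import hashlib
import hmac

# Default alphabet from the post: 64 characters, look-alikes (0/O, 1/l/I) removed.
ALPHABET = "!#%+23456789:=?@ABCDEFGHJKLMNPRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
COLUMNS = "ABCDEFG"               # assumed card geometry
ROWS = 10
PER_CARD = ROWS * len(COLUMNS)    # 70 passcodes per card
CODE_LEN = 4


def passcode(key: bytes, index: int) -> str:
    """Passcode at position `index` (0-based) of the sequence for `key`."""
    digest = hmac.new(key, index.to_bytes(16, "big"), hashlib.sha256).digest()
    # 64 divides 256, so `byte % 64` selects alphabet characters without bias.
    return "".join(ALPHABET[b % len(ALPHABET)] for b in digest[:CODE_LEN])


def address(index: int):
    """Map a sequence position to (card, row, column), 1-based like the prompt."""
    card, pos = divmod(index, PER_CARD)
    row, col = divmod(pos, len(COLUMNS))
    return card + 1, row + 1, COLUMNS[col]


def render_card(key: bytes, card: int):
    """Plain-text rendering of one card, in the spirit of `pppauth -t`."""
    lines = ["     " + "    ".join(COLUMNS)]
    for row in range(ROWS):
        first = (card - 1) * PER_CARD + row * len(COLUMNS)
        codes = [passcode(key, first + c) for c in range(len(COLUMNS))]
        lines.append(f"{row + 1:>2}:  " + " ".join(codes))
    return lines


class PPPAuthenticator:
    """Server-side state: the key and the position of the next expected passcode."""

    def __init__(self, key: bytes, cards_printed: int, dont_skip: bool = False):
        self.key = key
        self.cards_printed = cards_printed
        self.dont_skip = dont_skip    # --dontSkip: stay on the same code after a failure
        self.index = 0

    def prompt(self) -> str:
        card, row, col = address(self.index)
        return f"Passcode {row}{col} [{card}]:"

    def locked_out(self) -> bool:
        """True once the requested code lies beyond the cards the user has printed."""
        return self.index >= self.cards_printed * PER_CARD

    def verify(self, entered: str) -> bool:
        expected = passcode(self.key, self.index)
        ok = hmac.compare_digest(entered.encode(), expected.encode())
        # Default PPP behaviour advances on every attempt; --dontSkip only on success.
        if ok or not self.dont_skip:
            self.index += 1
        return ok


def failures_until_lockout(cards_printed: int, dont_skip: bool):
    """Denial-of-service scenario from the post: an attacker who knows no code
    keeps answering wrong.  Returns how many failures it takes until the prompt
    leaves the printed cards, or None if it never does (the --dontSkip case)."""
    auth = PPPAuthenticator(b"constructed demo key", cards_printed, dont_skip)
    for attempt in range(cards_printed * PER_CARD + 1):
        if auth.locked_out():
            return attempt
        auth.verify("0000")   # '0' is not in ALPHABET, so this can never match
    return None


if __name__ == "__main__":
    key = b"constructed demo key"
    print("\n".join(render_card(key, 1)))
    auth = PPPAuthenticator(key, cards_printed=1)
    print(auth.prompt(), "->", auth.verify(passcode(key, 0)))
    print("failures until lockout, default:", failures_until_lockout(1, False))
    print("failures until lockout, --dontSkip:", failures_until_lockout(1, True))
```

    Running it shows the two behaviours side by side: with the default skip mode a single printed card is exhausted after exactly 70 wrong answers and the user is locked out, while with --dontSkip the counter never moves on a failure, which is why that mode instead needs rate limiting against repeated guesses at the one outstanding code.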

    -LM

    2 Responses to “Perfect Paper Passwords and SSH on Linux”


    1. Kurt Nelson

      Any ideas on how to hook up this module to SSH in Cygwin?

    2. Luis Murillo

      “Any ideas on how to hook up this module to SSH in Cygwin?”

      I would actually assume it should be pretty much the same, though to be honest I haven’t used Cygwin, so I’m not aware of how it handles authentication.
