DSA authentication under SSH - SSH

This is a discussion on DSA authentication under SSH - SSH ; For this kind of authentication, SSH clients send the basic DSA parameters (p, q, y and g) to the server, plus the signature (r and s). My question is, what is the message being signed? If I understand it correctly, ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: DSA authentication under SSH

  1. DSA authentication under SSH

    For this kind of authentication, SSH clients send the basic DSA
    parameters (p, q, y and g) to the server, plus the signature (r and s). My
    question is, what is the message being signed?

    If I understand it correctly, both client and server must have access to
    the message - the client, to create the signature, and the server, to
    verify the signature. However, it is not at all clear to me what message
    is being used during the authentication process. Can anyone help?

  2. Re: DSA authentication under SSH

    >>>>> "J" == J Sommers writes:

    J> For this kind of authentication, SSH clients send the basic DSA
    J> parameters (p, q, y and g) to the server, plus the signature (r
    and
    J> s). My question is, what is the message being signed?

    J> If I understand it correctly, both client and server must have
    J> access to the message - the client, to create the signature, and
    J> the server, to verify the signature. However, it is not at all
    J> clear to me what message is being used during the authentication
    J> process. Can anyone help?

    This question is best answered by reading RFC 4252. From section 7:

    To perform actual authentication, the client MAY then send a
    signature generated using the private key. The client MAY send the
    signature directly without first verifying whether the key is
    acceptable. The signature is sent using the following packet:

    byte SSH_MSG_USERAUTH_REQUEST
    string user name
    string service name
    string "publickey"
    boolean TRUE
    string public key algorithm name
    string public key to be used for authentication
    string signature

    The value of 'signature' is a signature by the corresponding private
    key over the following data, in the following order:

    string session identifier
    byte SSH_MSG_USERAUTH_REQUEST
    string user name
    string service name
    string "publickey"
    boolean TRUE
    string public key algorithm name
    string public key to be used for authentication

    Of course, you need to read the rest to understand what all these
    things
    are. In short, the key element here is the "session identifier." This
    is
    a value produced by the key exchange, with two important properties: it
    is
    different for every SSH connection, and its value cannot be forced by
    either side. This makes it effective in countering man-in-the-middle
    attacks. The encapsulating SSH transport protocol does this as well
    during server authentication.

    --
    Richard Silverman
    res@qoxp.net


+ Reply to Thread