TACACS_PLUS SSH Public Key Authentication
This is a logical extension of the current TACACS+ standard. This document isn't well-formatted, and there's likely an issue with referring to OpenSSH formats that aren't covered by an RfC.
Please note that this protocol extension is not a standard by itself. However, it suits RFC8907 with a minimum of changes, and the spec below is just about 50 lines of text.
I grant the BCP78/BCP79 (or whatever is required) rights to the IETF and I'd appreciate if this approach would end up in an RfC.
tac_plus-ng fully supports TAC_PLUS_AUTHEN_TYPE_SSHKEY. Also, the tac_akc.pl script, which is part of the GIT too, provides a suitable AuthorizedKeysCommand for OpenSSH, as a proof of concept.
-- Marc Huber [email protected]
The basic motivation behind this is that some vendors support public key SSH authentication on devices, but only with locally stored public keys (or key hashes). Alas, this approach doesn't scale as it lacks centralized management.
The proposed solution to this issue is:
A new authen_type value is required to support SSH PK authentication:
TAC_PLUS_AUTHEN_TYPE_SSHKEY := 0x08
The "5.4.2. Common Authentication Flows" section of RFC8907 is augmented:
SSH Public Key Login
action = TAC_PLUS_AUTHEN_LOGIN
authen_type = TAC_PLUS_AUTHEN_TYPE_SSHKEY
minor_version = 0x1
The entire exchange MUST consist of a single START packet and a single REPLY. The START packet MUST contain a username, and the data field MUST contain the hash (fingerprint) of the SSH client's public key. The REPLY from the daemon MUST be either a PASS, FAIL or ERROR. In case of a PASS, the data field of the response SHOULD contain the public key that matches the fingerprint. The TACACS+ client SHOULD match that key against the SSH client's public key and permit access only if there's a match.
The public key format MUST be in RFC4716 format.
Public key hashes (fingerprints) MUST be generated using MD5 or SHA256, but SHA256 SHOULD be used. The ASCII representation MUST conform to the fingerprint representations used by OpenSSH, where the fingerprint is prefixed by the algorithm ("SHA256", "MD5"), followed by a colon (":"), and then followed by the actual hashed value, which is a series of colon-separated hexadecimal numbers for MD5 or the base64 encoded hashed value for SHA256.
Examples:
For MD5: MD5:c1:f2:43:18:ea:bb:fa:cc:31:31:04:bf:4f:fb:53:27
For SHA256: SHA256:kOkclqivcjludf/jdsfkyqpddffdk38U12+CkA8fBAC
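The following is an added example, not code from the original page or from tac_plus-ng, showing the two pieces of work the flow above puts on each side: the daemon looks up a stored RFC 4716 key by the fingerprint received in the START packet's data field, and the client checks that the key returned in a PASS reply really hashes back to the fingerprint it sent before it lets the SSH login proceed. Fingerprints are produced in the OpenSSH representations described above (MD5 as colon-separated hex, SHA256 as unpadded base64 of the digest, both computed over the raw key blob). The key material is a constructed ed25519-shaped blob with fixed bytes, not a real key; the function names are this example's own.

```python
import base64
import hashlib
import hmac
import struct
import textwrap
from typing import List, Optional


def ssh_string(data: bytes) -> bytes:
    """Encode a byte string in SSH wire format: uint32 big-endian length + payload."""
    return struct.pack(">I", len(data)) + data


def make_rfc4716(blob: bytes, comment: str) -> str:
    """Wrap a raw SSH public key blob in RFC 4716 framing (body lines kept under 72 chars)."""
    b64 = base64.b64encode(blob).decode("ascii")
    lines = ["---- BEGIN SSH2 PUBLIC KEY ----", f'Comment: "{comment}"',
             *textwrap.wrap(b64, 70), "---- END SSH2 PUBLIC KEY ----"]
    return "\n".join(lines) + "\n"


def parse_rfc4716(text: str) -> bytes:
    """Return the raw key blob from an RFC 4716 public key file.

    Header lines such as Comment: are skipped, including backslash-continued
    ones; base64 never contains ':' so the header test is unambiguous.
    """
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if (len(lines) < 3 or lines[0] != "---- BEGIN SSH2 PUBLIC KEY ----"
            or lines[-1] != "---- END SSH2 PUBLIC KEY ----"):
        raise ValueError("not an RFC 4716 public key")
    body, continued = [], False
    for line in lines[1:-1]:
        if continued or ":" in line:
            continued = line.endswith("\\")
            continue
        body.append(line)
    return base64.b64decode("".join(body), validate=True)


def fingerprint_md5(blob: bytes) -> str:
    """OpenSSH MD5 style: 'MD5:' followed by 16 colon-separated lowercase hex bytes."""
    return "MD5:" + ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())


def fingerprint_sha256(blob: bytes) -> str:
    """OpenSSH SHA256 style: 'SHA256:' followed by the unpadded base64 digest (43 chars)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


# Algorithm prefix of the fingerprint string -> fingerprint function.
FINGERPRINT_FUNCS = {"MD5": fingerprint_md5, "SHA256": fingerprint_sha256}


def find_key_for_fingerprint(sent_fingerprint: str, candidates: List[str]) -> Optional[str]:
    """Daemon side: return the stored RFC 4716 key whose fingerprint equals the one
    received in the START packet (to be placed in the PASS data field), else None (FAIL)."""
    func = FINGERPRINT_FUNCS.get(sent_fingerprint.partition(":")[0])
    if func is None:
        return None
    for key_text in candidates:
        try:
            if hmac.compare_digest(func(parse_rfc4716(key_text)), sent_fingerprint):
                return key_text
        except ValueError:
            continue  # a malformed stored key must not abort the whole lookup
    return None


def key_matches_fingerprint(returned_key: str, sent_fingerprint: str) -> bool:
    """Client side: the key in the PASS reply must hash back to the fingerprint the
    client sent; an unknown algorithm or malformed key is treated as no match."""
    func = FINGERPRINT_FUNCS.get(sent_fingerprint.partition(":")[0])
    if func is None:
        return False
    try:
        blob = parse_rfc4716(returned_key)
    except ValueError:
        return False
    return hmac.compare_digest(func(blob), sent_fingerprint)


# Constructed sample data: ed25519-shaped blobs built from fixed bytes (not real keys).
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
SAMPLE_KEY = make_rfc4716(SAMPLE_BLOB, "constructed example key")
OTHER_KEY = make_rfc4716(ssh_string(b"ssh-ed25519") + ssh_string(bytes(32)), "other key")

if __name__ == "__main__":
    fp = fingerprint_sha256(SAMPLE_BLOB)          # what the client puts in START.data
    print(fp)
    print(fingerprint_md5(SAMPLE_BLOB))
    reply = find_key_for_fingerprint(fp, [OTHER_KEY, SAMPLE_KEY])   # daemon lookup
    print(reply == SAMPLE_KEY)
    print(key_matches_fingerprint(reply, fp), key_matches_fingerprint(OTHER_KEY, fp))
```

The client-side check matters because a PASS reply by itself only proves that the daemon knows a key with that fingerprint; comparing the returned key against the connecting client's actual key, as the flow requires, is what prevents a wrong or mismatched key from being accepted. The comparison is done with hmac.compare_digest so that the match does not leak timing information about how many leading characters agreed.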
For Authorization and Accounting, the authen_method TAC_PLUS_AUTHEN_METH_TACACSPLUS MUST be used.