IETF-SSH archive
Re: "too many auth failures"?
Simon Josefsson <simon%josefsson.org@localhost> writes:

> Often private keys are protected by a password or require a PIN to
> unlock a smartcard, and iterating to sign with all keys becomes a user
> interface issue quickly.

As far as I understand, the possibility to send an
SSH_MSG_USERAUTH_REQUEST without a signature in it is intended to solve
precisely this problem.

The client can store the *public* keys somewhere where you don't need
any user interaction to retrieve them, send a bunch of userauth requests
with these keys and no signatures. When you get an SSH_MSG_USERAUTH_PK_OK
response from the server, you ask the user to unlock the corresponding
private key and send a single SSH_MSG_USERAUTH_REQUEST with both key and
signature. This shouldn't have to cost more than a single network
round trip, independent of the number of public keys.

(Since I'd consider that client behaviour perfectly normal, I also think
that the server should *not* increment the failure counter when sending
an SSH_MSG_USERAUTH_PK_OK).

Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
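
The query phase described in the message above, as an added example that is not part of the original post or of any SSH implementation: it encodes the signature-less "publickey" request using the RFC 4252 layout and runs it against a toy server that leaves its failure counter alone when it answers SSH_MSG_USERAUTH_PK_OK. `ToyServer`, `probe_keys` and the rule that a rejected key is counted are assumptions of this sketch.

```python
import struct

# Message numbers from RFC 4252.
SSH_MSG_USERAUTH_REQUEST, SSH_MSG_USERAUTH_FAILURE, SSH_MSG_USERAUTH_PK_OK = 50, 51, 60

def ssh_string(data: bytes) -> bytes:
    """SSH 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data

def pk_request(user, algo, blob, signature=None):
    """Encode a "publickey" userauth request; signature=None gives the query form."""
    msg = bytes([SSH_MSG_USERAUTH_REQUEST]) + ssh_string(user)
    msg += ssh_string(b"ssh-connection") + ssh_string(b"publickey")
    msg += b"\x01" if signature is not None else b"\x00"
    msg += ssh_string(algo) + ssh_string(blob)
    return msg + (ssh_string(signature) if signature is not None else b"")

def parse_pk_request(msg):
    """Return (has_signature, algo, blob) from an encoded publickey request."""
    pos = 1
    for _ in range(3):  # skip user name, service name, method name
        pos += 4 + struct.unpack_from(">I", msg, pos)[0]
    has_sig, pos, fields = msg[pos] != 0, pos + 1, []
    for _ in range(2):  # algorithm name, public key blob
        n = struct.unpack_from(">I", msg, pos)[0]
        fields.append(msg[pos + 4:pos + 4 + n])
        pos += 4 + n
    return has_sig, fields[0], fields[1]

class ToyServer:
    """Hypothetical server model for the query phase only (no signature checking)."""
    def __init__(self, authorized_blobs):
        self.authorized, self.failures = set(authorized_blobs), 0

    def handle_query(self, msg):
        has_sig, algo, blob = parse_pk_request(msg)
        if has_sig:
            raise ValueError("this model only handles signature-less queries")
        if blob in self.authorized:
            # Acceptable key: reply PK_OK and leave the failure counter alone.
            return bytes([SSH_MSG_USERAUTH_PK_OK]) + ssh_string(algo) + ssh_string(blob)
        self.failures += 1  # assumption of this model: a rejected key is counted
        # A real FAILURE also carries a name-list and a partial-success flag.
        return bytes([SSH_MSG_USERAUTH_FAILURE])

def probe_keys(server, user, public_keys):
    """Offer public keys without signatures; return the first one the server accepts."""
    for algo, blob in public_keys:
        if server.handle_query(pk_request(user, algo, blob))[0] == SSH_MSG_USERAUTH_PK_OK:
            return algo, blob  # only now would the user be asked to unlock this key
    return None
```

With constructed key blobs, probing three keys of which only the last is authorized returns that key and leaves `failures` at 2; the unlock prompt and the signed request would follow for that one key only.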