1 /* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */ 2 /* 3 * Author: Tatu Ylonen <ylo (at) cs.hut.fi> 4 * Copyright (c) 1995 Tatu Ylonen <ylo (at) cs.hut.fi>, Espoo, Finland 5 * All rights reserved 6 * Code to connect to a remote host, and to perform the client side of the 7 * login (authentication) dialog. 8 * 9 * As far as I am concerned, the code I have written for this software 10 * can be used freely for any purpose. Any derived versions of this 11 * software must be clearly marked as such, and if the derived work is 12 * incompatible with the protocol description in the RFC file, it must be 13 * called by a name other than "ssh" or "Secure Shell". 14 */ 15 16 #include "includes.h" 17 18 #include <sys/types.h> 19 #include <sys/socket.h> 20 21 #include <openssl/bn.h> 22 #include <openssl/md5.h> 23 24 #include <stdarg.h> 25 #include <stdio.h> 26 #include <stdlib.h> 27 #include <string.h> 28 #include <signal.h> 29 #include <pwd.h> 30 31 #include "xmalloc.h" 32 #include "ssh.h" 33 #include "ssh1.h" 34 #include "rsa.h" 35 #include "buffer.h" 36 #include "packet.h" 37 #include "key.h" 38 #include "cipher.h" 39 #include "kex.h" 40 #include "uidswap.h" 41 #include "log.h" 42 #include "readconf.h" 43 #include "authfd.h" 44 #include "sshconnect.h" 45 #include "authfile.h" 46 #include "misc.h" 47 #include "canohost.h" 48 #include "hostfile.h" 49 #include "auth.h" 50 51 /* Session id for the current session. */ 52 u_char session_id[16]; 53 u_int supported_authentications = 0; 54 55 extern Options options; 56 extern char *__progname; 57 58 /* 59 * Checks if the user has an authentication agent, and if so, tries to 60 * authenticate using the agent. 61 */ 62 static int 63 try_agent_authentication(void) 64 { 65 int type; 66 char *comment; 67 AuthenticationConnection *auth; 68 u_char response[16]; 69 u_int i; 70 Key *key; 71 BIGNUM *challenge; 72 73 /* Get connection to the agent. */ 74 auth = ssh_get_authentication_connection(); 75 if (!auth) 76 return 0; 77 78 if ((challenge = BN_new()) == NULL) 79 fatal("try_agent_authentication: BN_new failed"); 80 /* Loop through identities served by the agent. */ 81 for (key = ssh_get_first_identity(auth, &comment, 1); 82 key != NULL; 83 key = ssh_get_next_identity(auth, &comment, 1)) { 84 85 /* Try this identity. */ 86 debug("Trying RSA authentication via agent with '%.100s'", comment); 87 xfree(comment); 88 89 /* Tell the server that we are willing to authenticate using this key. */ 90 packet_start(SSH_CMSG_AUTH_RSA); 91 packet_put_bignum(key->rsa->n); 92 packet_send(); 93 packet_write_wait(); 94 95 /* Wait for server's response. */ 96 type = packet_read(); 97 98 /* The server sends failure if it doesn't like our key or 99 does not support RSA authentication. */ 100 if (type == SSH_SMSG_FAILURE) { 101 debug("Server refused our key."); 102 key_free(key); 103 continue; 104 } 105 /* Otherwise it should have sent a challenge. */ 106 if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) 107 packet_disconnect("Protocol error during RSA authentication: %d", 108 type); 109 110 packet_get_bignum(challenge); 111 packet_check_eom(); 112 113 debug("Received RSA challenge from server."); 114 115 /* Ask the agent to decrypt the challenge. */ 116 if (!ssh_decrypt_challenge(auth, key, challenge, session_id, 1, response)) { 117 /* 118 * The agent failed to authenticate this identifier 119 * although it advertised it supports this. Just 120 * return a wrong value. 121 */ 122 logit("Authentication agent failed to decrypt challenge."); 123 memset(response, 0, sizeof(response)); 124 } 125 key_free(key); 126 debug("Sending response to RSA challenge."); 127 128 /* Send the decrypted challenge back to the server. */ 129 packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); 130 for (i = 0; i < 16; i++) 131 packet_put_char(response[i]); 132 packet_send(); 133 packet_write_wait(); 134 135 /* Wait for response from the server. */ 136 type = packet_read(); 137 138 /* The server returns success if it accepted the authentication. */ 139 if (type == SSH_SMSG_SUCCESS) { 140 ssh_close_authentication_connection(auth); 141 BN_clear_free(challenge); 142 debug("RSA authentication accepted by server."); 143 return 1; 144 } 145 /* Otherwise it should return failure. */ 146 if (type != SSH_SMSG_FAILURE) 147 packet_disconnect("Protocol error waiting RSA auth response: %d", 148 type); 149 } 150 ssh_close_authentication_connection(auth); 151 BN_clear_free(challenge); 152 debug("RSA authentication using agent refused."); 153 return 0; 154 } 155 156 /* 157 * Computes the proper response to a RSA challenge, and sends the response to 158 * the server. 159 */ 160 static void 161 respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) 162 { 163 u_char buf[32], response[16]; 164 MD5_CTX md; 165 int i, len; 166 167 /* Decrypt the challenge using the private key. */ 168 /* XXX think about Bleichenbacher, too */ 169 if (rsa_private_decrypt(challenge, challenge, prv) <= 0) 170 packet_disconnect( 171 "respond_to_rsa_challenge: rsa_private_decrypt failed"); 172 173 /* Compute the response. */ 174 /* The response is MD5 of decrypted challenge plus session id. */ 175 len = BN_num_bytes(challenge); 176 if (len <= 0 || (u_int)len > sizeof(buf)) 177 packet_disconnect( 178 "respond_to_rsa_challenge: bad challenge length %d", len); 179 180 memset(buf, 0, sizeof(buf)); 181 BN_bn2bin(challenge, buf + sizeof(buf) - len); 182 MD5_Init(&md); 183 MD5_Update(&md, buf, 32); 184 MD5_Update(&md, session_id, 16); 185 MD5_Final(response, &md); 186 187 debug("Sending response to host key RSA challenge."); 188 189 /* Send the response back to the server. */ 190 packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); 191 for (i = 0; i < 16; i++) 192 packet_put_char(response[i]); 193 packet_send(); 194 packet_write_wait(); 195 196 memset(buf, 0, sizeof(buf)); 197 memset(response, 0, sizeof(response)); 198 memset(&md, 0, sizeof(md)); 199 } 200 201 /* 202 * Checks if the user has authentication file, and if so, tries to authenticate 203 * the user using it. 204 */ 205 static int 206 try_rsa_authentication(int idx) 207 { 208 BIGNUM *challenge; 209 Key *public, *private; 210 char buf[300], *passphrase, *comment, *authfile; 211 int i, perm_ok = 1, type, quit; 212 213 public = options.identity_keys[idx]; 214 authfile = options.identity_files[idx]; 215 comment = xstrdup(authfile); 216 217 debug("Trying RSA authentication with key '%.100s'", comment); 218 219 /* Tell the server that we are willing to authenticate using this key. */ 220 packet_start(SSH_CMSG_AUTH_RSA); 221 packet_put_bignum(public->rsa->n); 222 packet_send(); 223 packet_write_wait(); 224 225 /* Wait for server's response. */ 226 type = packet_read(); 227 228 /* 229 * The server responds with failure if it doesn't like our key or 230 * doesn't support RSA authentication. 231 */ 232 if (type == SSH_SMSG_FAILURE) { 233 debug("Server refused our key."); 234 xfree(comment); 235 return 0; 236 } 237 /* Otherwise, the server should respond with a challenge. */ 238 if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) 239 packet_disconnect("Protocol error during RSA authentication: %d", type); 240 241 /* Get the challenge from the packet. */ 242 if ((challenge = BN_new()) == NULL) 243 fatal("try_rsa_authentication: BN_new failed"); 244 packet_get_bignum(challenge); 245 packet_check_eom(); 246 247 debug("Received RSA challenge from server."); 248 249 /* 250 * If the key is not stored in external hardware, we have to 251 * load the private key. Try first with empty passphrase; if it 252 * fails, ask for a passphrase. 253 */ 254 if (public->flags & KEY_FLAG_EXT) 255 private = public; 256 else 257 private = key_load_private_type(KEY_RSA1, authfile, "", NULL, 258 &perm_ok); 259 if (private == NULL && !options.batch_mode && perm_ok) { 260 snprintf(buf, sizeof(buf), 261 "Enter passphrase for RSA key '%.100s': ", comment); 262 for (i = 0; i < options.number_of_password_prompts; i++) { 263 passphrase = read_passphrase(buf, 0); 264 if (strcmp(passphrase, "") != 0) { 265 private = key_load_private_type(KEY_RSA1, 266 authfile, passphrase, NULL, NULL); 267 quit = 0; 268 } else { 269 debug2("no passphrase given, try next key"); 270 quit = 1; 271 } 272 memset(passphrase, 0, strlen(passphrase)); 273 xfree(passphrase); 274 if (private != NULL || quit) 275 break; 276 debug2("bad passphrase given, try again..."); 277 } 278 } 279 /* We no longer need the comment. */ 280 xfree(comment); 281 282 if (private == NULL) { 283 if (!options.batch_mode && perm_ok) 284 error("Bad passphrase."); 285 286 /* Send a dummy response packet to avoid protocol error. */ 287 packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); 288 for (i = 0; i < 16; i++) 289 packet_put_char(0); 290 packet_send(); 291 packet_write_wait(); 292 293 /* Expect the server to reject it... */ 294 packet_read_expect(SSH_SMSG_FAILURE); 295 BN_clear_free(challenge); 296 return 0; 297 } 298 299 /* Compute and send a response to the challenge. */ 300 respond_to_rsa_challenge(challenge, private->rsa); 301 302 /* Destroy the private key unless it in external hardware. */ 303 if (!(private->flags & KEY_FLAG_EXT)) 304 key_free(private); 305 306 /* We no longer need the challenge. */ 307 BN_clear_free(challenge); 308 309 /* Wait for response from the server. */ 310 type = packet_read(); 311 if (type == SSH_SMSG_SUCCESS) { 312 debug("RSA authentication accepted by server."); 313 return 1; 314 } 315 if (type != SSH_SMSG_FAILURE) 316 packet_disconnect("Protocol error waiting RSA auth response: %d", type); 317 debug("RSA authentication refused."); 318 return 0; 319 } 320 321 /* 322 * Tries to authenticate the user using combined rhosts or /etc/hosts.equiv 323 * authentication and RSA host authentication. 324 */ 325 static int 326 try_rhosts_rsa_authentication(const char *local_user, Key * host_key) 327 { 328 int type; 329 BIGNUM *challenge; 330 331 debug("Trying rhosts or /etc/hosts.equiv with RSA host authentication."); 332 333 /* Tell the server that we are willing to authenticate using this key. */ 334 packet_start(SSH_CMSG_AUTH_RHOSTS_RSA); 335 packet_put_cstring(local_user); 336 packet_put_int(BN_num_bits(host_key->rsa->n)); 337 packet_put_bignum(host_key->rsa->e); 338 packet_put_bignum(host_key->rsa->n); 339 packet_send(); 340 packet_write_wait(); 341 342 /* Wait for server's response. */ 343 type = packet_read(); 344 345 /* The server responds with failure if it doesn't admit our 346 .rhosts authentication or doesn't know our host key. */ 347 if (type == SSH_SMSG_FAILURE) { 348 debug("Server refused our rhosts authentication or host key."); 349 return 0; 350 } 351 /* Otherwise, the server should respond with a challenge. */ 352 if (type != SSH_SMSG_AUTH_RSA_CHALLENGE) 353 packet_disconnect("Protocol error during RSA authentication: %d", type); 354 355 /* Get the challenge from the packet. */ 356 if ((challenge = BN_new()) == NULL) 357 fatal("try_rhosts_rsa_authentication: BN_new failed"); 358 packet_get_bignum(challenge); 359 packet_check_eom(); 360 361 debug("Received RSA challenge for host key from server."); 362 363 /* Compute a response to the challenge. */ 364 respond_to_rsa_challenge(challenge, host_key->rsa); 365 366 /* We no longer need the challenge. */ 367 BN_clear_free(challenge); 368 369 /* Wait for response from the server. */ 370 type = packet_read(); 371 if (type == SSH_SMSG_SUCCESS) { 372 debug("Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server."); 373 return 1; 374 } 375 if (type != SSH_SMSG_FAILURE) 376 packet_disconnect("Protocol error waiting RSA auth response: %d", type); 377 debug("Rhosts or /etc/hosts.equiv with RSA host authentication refused."); 378 return 0; 379 } 380 381 /* 382 * Tries to authenticate with any string-based challenge/response system. 383 * Note that the client code is not tied to s/key or TIS. 384 */ 385 static int 386 try_challenge_response_authentication(void) 387 { 388 int type, i; 389 u_int clen; 390 char prompt[1024]; 391 char *challenge, *response; 392 393 debug("Doing challenge response authentication."); 394 395 for (i = 0; i < options.number_of_password_prompts; i++) { 396 /* request a challenge */ 397 packet_start(SSH_CMSG_AUTH_TIS); 398 packet_send(); 399 packet_write_wait(); 400 401 type = packet_read(); 402 if (type != SSH_SMSG_FAILURE && 403 type != SSH_SMSG_AUTH_TIS_CHALLENGE) { 404 packet_disconnect("Protocol error: got %d in response " 405 "to SSH_CMSG_AUTH_TIS", type); 406 } 407 if (type != SSH_SMSG_AUTH_TIS_CHALLENGE) { 408 debug("No challenge."); 409 return 0; 410 } 411 challenge = packet_get_string(&clen); 412 packet_check_eom(); 413 snprintf(prompt, sizeof prompt, "%s%s", challenge, 414 strchr(challenge, '\n') ? "" : "\nResponse: "); 415 xfree(challenge); 416 if (i != 0) 417 error("Permission denied, please try again."); 418 if (options.cipher == SSH_CIPHER_NONE) 419 logit("WARNING: Encryption is disabled! " 420 "Response will be transmitted in clear text."); 421 response = read_passphrase(prompt, 0); 422 if (strcmp(response, "") == 0) { 423 xfree(response); 424 break; 425 } 426 packet_start(SSH_CMSG_AUTH_TIS_RESPONSE); 427 ssh_put_password(response); 428 memset(response, 0, strlen(response)); 429 xfree(response); 430 packet_send(); 431 packet_write_wait(); 432 type = packet_read(); 433 if (type == SSH_SMSG_SUCCESS) 434 return 1; 435 if (type != SSH_SMSG_FAILURE) 436 packet_disconnect("Protocol error: got %d in response " 437 "to SSH_CMSG_AUTH_TIS_RESPONSE", type); 438 } 439 /* failure */ 440 return 0; 441 } 442 443 /* 444 * Tries to authenticate with plain passwd authentication. 445 */ 446 static int 447 try_password_authentication(char *prompt) 448 { 449 int type, i; 450 char *password; 451 452 debug("Doing password authentication."); 453 if (options.cipher == SSH_CIPHER_NONE) 454 logit("WARNING: Encryption is disabled! Password will be transmitted in clear text."); 455 for (i = 0; i < options.number_of_password_prompts; i++) { 456 if (i != 0) 457 error("Permission denied, please try again."); 458 password = read_passphrase(prompt, 0); 459 packet_start(SSH_CMSG_AUTH_PASSWORD); 460 ssh_put_password(password); 461 memset(password, 0, strlen(password)); 462 xfree(password); 463 packet_send(); 464 packet_write_wait(); 465 466 type = packet_read(); 467 if (type == SSH_SMSG_SUCCESS) 468 return 1; 469 if (type != SSH_SMSG_FAILURE) 470 packet_disconnect("Protocol error: got %d in response to passwd auth", type); 471 } 472 /* failure */ 473 return 0; 474 } 475 476 /* 477 * SSH1 key exchange 478 */ 479 void 480 ssh_kex(char *host, struct sockaddr *hostaddr) 481 { 482 int i; 483 BIGNUM *key; 484 Key *host_key, *server_key; 485 int bits, rbits; 486 int ssh_cipher_default = SSH_CIPHER_3DES; 487 u_char session_key[SSH_SESSION_KEY_LENGTH]; 488 u_char cookie[8]; 489 u_int supported_ciphers; 490 u_int server_flags, client_flags; 491 u_int32_t rnd = 0; 492 493 debug("Waiting for server public key."); 494 495 /* Wait for a public key packet from the server. */ 496 packet_read_expect(SSH_SMSG_PUBLIC_KEY); 497 498 /* Get cookie from the packet. */ 499 for (i = 0; i < 8; i++) 500 cookie[i] = packet_get_char(); 501 502 /* Get the public key. */ 503 server_key = key_new(KEY_RSA1); 504 bits = packet_get_int(); 505 packet_get_bignum(server_key->rsa->e); 506 packet_get_bignum(server_key->rsa->n); 507 508 rbits = BN_num_bits(server_key->rsa->n); 509 if (bits != rbits) { 510 logit("Warning: Server lies about size of server public key: " 511 "actual size is %d bits vs. announced %d.", rbits, bits); 512 logit("Warning: This may be due to an old implementation of ssh."); 513 } 514 /* Get the host key. */ 515 host_key = key_new(KEY_RSA1); 516 bits = packet_get_int(); 517 packet_get_bignum(host_key->rsa->e); 518 packet_get_bignum(host_key->rsa->n); 519 520 rbits = BN_num_bits(host_key->rsa->n); 521 if (bits != rbits) { 522 logit("Warning: Server lies about size of server host key: " 523 "actual size is %d bits vs. announced %d.", rbits, bits); 524 logit("Warning: This may be due to an old implementation of ssh."); 525 } 526 527 /* Get protocol flags. */ 528 server_flags = packet_get_int(); 529 packet_set_protocol_flags(server_flags); 530 531 supported_ciphers = packet_get_int(); 532 supported_authentications = packet_get_int(); 533 packet_check_eom(); 534 535 debug("Received server public key (%d bits) and host key (%d bits).", 536 BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n)); 537 538 if (verify_host_key(host, hostaddr, host_key) == -1) 539 fatal("Host key verification failed."); 540 541 client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN; 542 543 derive_ssh1_session_id(host_key->rsa->n, server_key->rsa->n, cookie, session_id); 544 545 /* Generate a session key. */ 546 arc4random_stir(); 547 548 /* 549 * Generate an encryption key for the session. The key is a 256 bit 550 * random number, interpreted as a 32-byte key, with the least 551 * significant 8 bits being the first byte of the key. 552 */ 553 for (i = 0; i < 32; i++) { 554 if (i % 4 == 0) 555 rnd = arc4random(); 556 session_key[i] = rnd & 0xff; 557 rnd >>= 8; 558 } 559 560 /* 561 * According to the protocol spec, the first byte of the session key 562 * is the highest byte of the integer. The session key is xored with 563 * the first 16 bytes of the session id. 564 */ 565 if ((key = BN_new()) == NULL) 566 fatal("ssh_kex: BN_new failed"); 567 if (BN_set_word(key, 0) == 0) 568 fatal("ssh_kex: BN_set_word failed"); 569 for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) { 570 if (BN_lshift(key, key, 8) == 0) 571 fatal("ssh_kex: BN_lshift failed"); 572 if (i < 16) { 573 if (BN_add_word(key, session_key[i] ^ session_id[i]) 574 == 0) 575 fatal("ssh_kex: BN_add_word failed"); 576 } else { 577 if (BN_add_word(key, session_key[i]) == 0) 578 fatal("ssh_kex: BN_add_word failed"); 579 } 580 } 581 582 /* 583 * Encrypt the integer using the public key and host key of the 584 * server (key with smaller modulus first). 585 */ 586 if (BN_cmp(server_key->rsa->n, host_key->rsa->n) < 0) { 587 /* Public key has smaller modulus. */ 588 if (BN_num_bits(host_key->rsa->n) < 589 BN_num_bits(server_key->rsa->n) + SSH_KEY_BITS_RESERVED) { 590 fatal("respond_to_rsa_challenge: host_key %d < server_key %d + " 591 "SSH_KEY_BITS_RESERVED %d", 592 BN_num_bits(host_key->rsa->n), 593 BN_num_bits(server_key->rsa->n), 594 SSH_KEY_BITS_RESERVED); 595 } 596 rsa_public_encrypt(key, key, server_key->rsa); 597 rsa_public_encrypt(key, key, host_key->rsa); 598 } else { 599 /* Host key has smaller modulus (or they are equal). */ 600 if (BN_num_bits(server_key->rsa->n) < 601 BN_num_bits(host_key->rsa->n) + SSH_KEY_BITS_RESERVED) { 602 fatal("respond_to_rsa_challenge: server_key %d < host_key %d + " 603 "SSH_KEY_BITS_RESERVED %d", 604 BN_num_bits(server_key->rsa->n), 605 BN_num_bits(host_key->rsa->n), 606 SSH_KEY_BITS_RESERVED); 607 } 608 rsa_public_encrypt(key, key, host_key->rsa); 609 rsa_public_encrypt(key, key, server_key->rsa); 610 } 611 612 /* Destroy the public keys since we no longer need them. */ 613 key_free(server_key); 614 key_free(host_key); 615 616 if (options.cipher == SSH_CIPHER_NOT_SET) { 617 if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default)) 618 options.cipher = ssh_cipher_default; 619 } else if (options.cipher == SSH_CIPHER_INVALID || 620 !(cipher_mask_ssh1(1) & (1 << options.cipher))) { 621 logit("No valid SSH1 cipher, using %.100s instead.", 622 cipher_name(ssh_cipher_default)); 623 options.cipher = ssh_cipher_default; 624 } 625 /* Check that the selected cipher is supported. */ 626 if (!(supported_ciphers & (1 << options.cipher))) 627 fatal("Selected cipher type %.100s not supported by server.", 628 cipher_name(options.cipher)); 629 630 debug("Encryption type: %.100s", cipher_name(options.cipher)); 631 632 /* Send the encrypted session key to the server. */ 633 packet_start(SSH_CMSG_SESSION_KEY); 634 packet_put_char(options.cipher); 635 636 /* Send the cookie back to the server. */ 637 for (i = 0; i < 8; i++) 638 packet_put_char(cookie[i]); 639 640 /* Send and destroy the encrypted encryption key integer. */ 641 packet_put_bignum(key); 642 BN_clear_free(key); 643 644 /* Send protocol flags. */ 645 packet_put_int(client_flags); 646 647 /* Send the packet now. */ 648 packet_send(); 649 packet_write_wait(); 650 651 debug("Sent encrypted session key."); 652 653 /* Set the encryption key. */ 654 packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, options.cipher); 655 656 /* We will no longer need the session key here. Destroy any extra copies. */ 657 memset(session_key, 0, sizeof(session_key)); 658 659 /* 660 * Expect a success message from the server. Note that this message 661 * will be received in encrypted form. 662 */ 663 packet_read_expect(SSH_SMSG_SUCCESS); 664 665 debug("Received encrypted confirmation."); 666 } 667 668 /* 669 * Authenticate user 670 */ 671 void 672 ssh_userauth1(const char *local_user, const char *server_user, char *host, 673 Sensitive *sensitive) 674 { 675 int i, type; 676 677 if (supported_authentications == 0) 678 fatal("ssh_userauth1: server supports no auth methods"); 679 680 /* Send the name of the user to log in as on the server. */ 681 packet_start(SSH_CMSG_USER); 682 packet_put_cstring(server_user); 683 packet_send(); 684 packet_write_wait(); 685 686 /* 687 * The server should respond with success if no authentication is 688 * needed (the user has no password). Otherwise the server responds 689 * with failure. 690 */ 691 type = packet_read(); 692 693 /* check whether the connection was accepted without authentication. */ 694 if (type == SSH_SMSG_SUCCESS) 695 goto success; 696 if (type != SSH_SMSG_FAILURE) 697 packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", type); 698 699 /* 700 * Try .rhosts or /etc/hosts.equiv authentication with RSA host 701 * authentication. 702 */ 703 if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) && 704 options.rhosts_rsa_authentication) { 705 for (i = 0; i < sensitive->nkeys; i++) { 706 if (sensitive->keys[i] != NULL && 707 sensitive->keys[i]->type == KEY_RSA1 && 708 try_rhosts_rsa_authentication(local_user, 709 sensitive->keys[i])) 710 goto success; 711 } 712 } 713 /* Try RSA authentication if the server supports it. */ 714 if ((supported_authentications & (1 << SSH_AUTH_RSA)) && 715 options.rsa_authentication) { 716 /* 717 * Try RSA authentication using the authentication agent. The 718 * agent is tried first because no passphrase is needed for 719 * it, whereas identity files may require passphrases. 720 */ 721 if (try_agent_authentication()) 722 goto success; 723 724 /* Try RSA authentication for each identity. */ 725 for (i = 0; i < options.num_identity_files; i++) 726 if (options.identity_keys[i] != NULL && 727 options.identity_keys[i]->type == KEY_RSA1 && 728 try_rsa_authentication(i)) 729 goto success; 730 } 731 /* Try challenge response authentication if the server supports it. */ 732 if ((supported_authentications & (1 << SSH_AUTH_TIS)) && 733 options.challenge_response_authentication && !options.batch_mode) { 734 if (try_challenge_response_authentication()) 735 goto success; 736 } 737 /* Try password authentication if the server supports it. */ 738 if ((supported_authentications & (1 << SSH_AUTH_PASSWORD)) && 739 options.password_authentication && !options.batch_mode) { 740 char prompt[80]; 741 742 snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", 743 server_user, host); 744 if (try_password_authentication(prompt)) 745 goto success; 746 } 747 /* All authentication methods have failed. Exit with an error message. */ 748 fatal("Permission denied."); 749 /* NOTREACHED */ 750 751 success: 752 return; /* need statement after label */ 753 } 754
