Re: Mango passwords and instructions?

On Mon, 2008-06-09 at 21:29 +0300, Baris Cicek wrote:
> Hi;
>
> If someone can lead the organization of such a thing, we can add it to
> Events page as well.

If still there is time, I can take care of this. Also, I would like to
have some feedback from Olav and/or Christian.

Regards,

> On Mon, 2008-06-09 at 10:10 -0400, Germán Póo-Caamaño wrote:
> > On Sun, 2008-06-01 at 19:33 +0200, Olav Vitters wrote:
> > > On Sun, Jun 01, 2008 at 06:21:57PM +0200, Christian Rose wrote:
> > > > On 9/29/07, Olav Vitters <olav@...> wrote:
> > > > There seems to be a bunch of "what's my Mango password?" tickets
> > > > stalled in RT3.
> > > > I'd like to know what I should answer the requestors. Is there a
> > > > simple answer?
> > > > I tried
> > >
> > > Depends if they want to retrieve their password or reset it. Resetting
> > > is very annoying. This as
> > > a) I don't want people being able to login to the main LDAP server (even
> > >    if there is a command restriction)
> > > b) Even if those logins would be allowed, I wouldn't trust a suid reset
> > >    command
> > > c) Socket cannot change the password anyway as it is not the main LDAP
> > >    server (could be done if everything uses openldap 2.4+.. RHEL5 has 2.3)
> > > d) MAINTAINERS file crappiness
> > >
> > > Long term, I want people to use GPG instead of passwords. Then the
> > > password is only there for some services like e.g. Jabber. I don't know
> > > much about LDAP (finally understand it somewhat since the last few
> > > days!)
> > > If people would need a password reset, they'd login to Mango using GPG,
> > > then click the 'new password' button. This would give them a new
> > > password. It is stalled due to lack of resources (would appreciate more
> > > help with building new infrastructure).
> > >
> > > Note: The reason I haven't implemented GPG yet is only due to not
> > > getting to it (it is difficult). I'm not going to ask for consensus. It
> > > will be implemented. I don't mind if people don't want it, it will be
> > > their problem if they want to give a new developer an SVN account, etc.
> >
> > If GPG is the way to go, shouldn't the GUADEC be a good opportunity to
> > have a GPG Key Signing Party[1]?
> >
> > A GPG key without any other sign of who trusts it doesn't have enough value.
> >
> > [1] http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html
> >
> > _______________________________________________
> > Gnome-infrastructure mailing list
> > Gnome-infrastructure@...
> > http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
> >

Concepción - Chile
http://www.calcifer.org/

_______________________________________________
guadec-list mailing list
guadec-list@...
http://mail.gnome.org/mailman/listinfo/guadec-list
Re: Mango passwords and instructions?

On Wed, Jun 25, 2008 at 09:24:47PM -0400, Germán Poó-Caamaño wrote:
> On Mon, 2008-06-09 at 21:29 +0300, Baris Cicek wrote:
> > Hi;
> >
> > If someone can lead the organization of such a thing, we can add it to
> > Events page as well.
>
> If still there is time, I can take care of this. Also, I would like to
> have some feedback from Olav and/or Christian.

With the rewrite of Mango into Python, I can rely on the SSH keys for
authentication. This will however require people wanting to login to
Mango to run a custom script (to extract the RSA bits out of the
private key to enable the authentication). I hope to do this hack first
via a script and later on have it integrated into seahorse (haven't
talked at all to the devs yet).

So GPG isn't that needed atm (SSH keys will be far easier to handle from
my standpoint.. we already trust these things anyway). Not sure what
people think of using SSH keys for logging in to a website. Perhaps it
is considered totally crazy...

ATM I first have to finish the rewrite anyway (progressing nicely, but
still a lot of things to finish).

-- 
Regards,
Olav
Re: Mango passwords and instructions?

On Thu, 2008-06-26 at 09:09 +0200, Olav Vitters wrote:
>
> With the rewrite of Mango into Python, I can rely on the SSH keys for
> authentication. This will however require people wanting to login to
> Mango to run a custom script (to extract the RSA bits out of the
> private key to enable the authentication).

Interesting. How does it work?

-- 
behdad
http://behdad.org/

"Those who would give up Essential Liberty to purchase a little
 Temporary Safety, deserve neither Liberty nor Safety."
        -- Benjamin Franklin, 1759
Re: Mango passwords and instructions?

On Thu, Jun 26, 2008 at 10:39:20AM -0400, Behdad Esfahbod wrote:
> On Thu, 2008-06-26 at 09:09 +0200, Olav Vitters wrote:
> >
> > With the rewrite of Mango into Python, I can rely on the SSH keys for
> > authentication. This will however require people wanting to login to
> > Mango to run a custom script (to extract the RSA bits out of the
> > private key to enable the authentication).
>
> Interesting. How does it work?

The easiest way is to use the Paramiko stuff.. although I am not sure
what I'll do. E.g.
http://www.lag.net/paramiko/docs/paramiko.PKey-class.html
see can_sign (needs private key), sign_ssh_data (private key),
verify_ssh_sig.

I'd imagine something like:
* Website shows base64 encoded random bytes
* User uses script to sign the random bytes (script decodes the base64
  stuff, signs it, then base64 encodes the result)
* User enters username and the base64'd signature
* Mango verifies that:
    random bytes match with what was given
    user has a public key which passes the 'verify_ssh_sig' check

Only annoying part is the script for the user. It should be simple
enough so that people trust the working. But at the same time, some GUI
is likely needed (?).. but that would make it complicated.

Note that fetching private keys from the ssh agent is trivial.

-- 
Regards,
Olav
Re: Mango passwords and instructions?

On Thu, 2008-06-26 at 19:42 +0200, Olav Vitters wrote:
>
> Only annoying part is the script for the user. It should be simple
> enough so that people trust the working. But at the same time, some
> GUI is likely needed (?).. but that would make it complicated.
> Note that fetching private keys from the ssh agent is trivial.

How about something like showing people a page saying:

"Please run the following command and follow instructions given there:

echo "blah blah blah some rand word" | ssh auth.gnome.org

The auth.gnome.org then gives them a password they can use to login
within the next 10 minutes.

-- 
behdad
http://behdad.org/

"Those who would give up Essential Liberty to purchase a little
 Temporary Safety, deserve neither Liberty nor Safety."
        -- Benjamin Franklin, 1759
Re: Mango passwords and instructions?

On Friday 27 June 2008, at 09:20 -0400, Behdad Esfahbod wrote:
> On Thu, 2008-06-26 at 19:42 +0200, Olav Vitters wrote:
> >
> > Only annoying part is the script for the user. It should be simple
> > enough so that people trust the working. But at the same time, some
> > GUI is likely needed (?).. but that would make it complicated.
> > Note that fetching private keys from the ssh agent is trivial.
>
> How about something like showing people a page saying:
>
> "Please run the following command and follow instructions given there:
>
> echo "blah blah blah some rand word" | ssh auth.gnome.org
>
> The auth.gnome.org then gives them a password they can use to login
> within the next 10 minutes.

I suggest a "GNOME contributor" epiphany plugin to do all this :-)

Vincent

-- 
Happy people are not in a hurry.
Re: Mango passwords and instructions?

On Fri, Jun 27, 2008 at 09:20:05AM -0400, Behdad Esfahbod wrote:
> On Thu, 2008-06-26 at 19:42 +0200, Olav Vitters wrote:
> >
> > Only annoying part is the script for the user. It should be simple
> > enough so that people trust the working. But at the same time, some
> > GUI is likely needed (?).. but that would make it complicated.
> > Note that fetching private keys from the ssh agent is trivial.
>
> How about something like showing people a page saying:
>
> "Please run the following command and follow instructions given there:
>
> echo "blah blah blah some rand word" | ssh auth.gnome.org
>
> The auth.gnome.org then gives them a password they can use to login
> within the next 10 minutes.

Actually not sure how to implement something like that. Users should not
be able to retrieve any private Mango information. So they should not
just be able to run a script under their userid and get access to
private Mango info. At the same time, I don't know how to handle suid
stuff combined with Python... is that trustable? Can I 100% rely on
finding out the original userid? Plus I'd need to store it in the
database in a way that if the database is compromised, they cannot
abuse it to get Mango privs... probably hashing some secret token I
guess.

I've tried the paramiko method, and it seems to work (not in Mango..
just hacked up test locally). I'll do something like that for now... it
is pretty easy to replace the login method in Mango.

-- 
Regards,
Olav
Re: Mango passwords and instructions?

On Fri, 2008-06-27 at 16:02 +0200, Olav Vitters wrote:
> On Fri, Jun 27, 2008 at 09:20:05AM -0400, Behdad Esfahbod wrote:
> > On Thu, 2008-06-26 at 19:42 +0200, Olav Vitters wrote:
> > >
> > > Only annoying part is the script for the user. It should be simple
> > > enough so that people trust the working. But at the same time, some
> > > GUI is likely needed (?).. but that would make it complicated.
> > > Note that fetching private keys from the ssh agent is trivial.
> >
> > How about something like showing people a page saying:
> >
> > "Please run the following command and follow instructions given there:
> >
> > echo "blah blah blah some rand word" | ssh auth.gnome.org
> >
> > The auth.gnome.org then gives them a password they can use to login
> > within the next 10 minutes.
>
> Actually not sure how to implement something like that. Users should not
> be able to retrieve any private Mango information. So they should not
> just be able to run a script under their userid and get access to
> private Mango info.

How about simply writing a dotfile in the user's home dir. Mango then
reads that file, confirms that it's only readable by the user, checks
that its modification time is recent, and accepts the contents as
password.

This is weaker than your approach as anyone compromising any GNOME
machines will get access to everyone's Mango account. However, both
approaches suffer from the fact that a compromised SSH key gives access
to the user's Mango. Combine that with the fact that one of two major
Mango requests is changing a lost key (the other being changing email
address), I'm not sure using SSH keys for authentication is a good idea.

> At the same time, I don't know how to handle suid
> stuff combined with Python... is that trustable? Can I 100% rely on
> finding out the original userid? Plus I'd need to store it in the
> database in a way that if the database is compromised, they cannot
> abuse it to get Mango privs... probably hashing some secret token I
> guess.
>
> I've tried the paramiko method, and it seems to work (not in Mango..
> just hacked up test locally). I'll do something like that for now... it
> is pretty easy to replace the login method in Mango.

How about (optional) OpenID?

-- 
behdad
http://behdad.org/

"Those who would give up Essential Liberty to purchase a little
 Temporary Safety, deserve neither Liberty nor Safety."
        -- Benjamin Franklin, 1759
Re: Mango passwords and instructions?

On Fri, Jun 27, 2008 at 10:16:35AM -0400, Behdad Esfahbod wrote:
> How about simply writing a dotfile in the user's home dir. Mango then
> reads that file, confirms that it's only readable by the user, checks
> that its modification time is recent, and accepts the contents as
> password.

Hm.. maybe directory like /tmp. Not readable except for Mango group and
the userid writing to it. (+s IIRC). That would actually pretty much
work.. except it would make testing Mango locally harder ;)

> This is weaker than your approach as anyone compromising any GNOME
> machines will get access to everyone's Mango account. However, both
> approaches suffer from the fact that a compromised SSH key gives access
> to the user's Mango.

Yeah, but with a compromised SSH key it is acceptable that Mango is
compromised as well.

> Combine that with the fact that one of two major Mango requests is
> changing a lost key (the other being changing email address), I'm not
> sure using SSH keys for authentication is a good idea.

ATM yes, as Mango doesn't really do anything. But I plan to make it way
more important for maintainers.

> > At the same time, I don't know how to handle suid
> > stuff combined with Python... is that trustable? Can I 100% rely on
> > finding out the original userid? Plus I'd need to store it in the
> > database in a way that if the database is compromised, they cannot
> > abuse it to get Mango privs... probably hashing some secret token I
> > guess.
> >
> > I've tried the paramiko method, and it seems to work (not in Mango..
> > just hacked up test locally). I'll do something like that for now... it
> > is pretty easy to replace the login method in Mango.
>
> How about (optional) OpenID?

There is no OpenID stored in Mango, so that is a no as primary method.
And IIRC OpenID stuff usually just has password as authentication (too
weak).

-- 
Regards,
Olav
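The "run a command over ssh, get a password good for ten minutes" idea from Behdad's message, together with Olav's requirement that a compromised database must not hand out Mango privileges, as an added example written for this page. It is not GNOME infrastructure code. The username is assumed to arrive from the ssh session itself (sshd has already checked the key, so the forced command knows who is calling), the ten-minute lifetime is Behdad's figure, and the TokenStore class and every other name are assumptions for illustration.

```python
"""One-time, time-limited login tokens with hashed-at-rest storage
(added example for this page, not GNOME infrastructure code).

issue_token() stands for what the forced command on auth.gnome.org would do;
redeem_token() stands for the Mango login form.  Only a digest of each token
is stored, so reading the table does not let anyone log in."""
import hashlib
import hmac
import secrets
import time

TOKEN_TTL = 600  # ten minutes, the lifetime proposed in the thread


def _digest(token):
    # A plain SHA-256 is adequate: the token carries 192 random bits and is not
    # guessable, so a slow password hash would add nothing here.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


class TokenStore:
    """Backing table of issued tokens: username -> (digest, expires_at)."""

    def __init__(self):
        self._rows = {}

    def issue_token(self, username, now=None):
        """Called from the ssh side, where sshd already authenticated the user.
        Returns the token exactly once; only its digest is kept."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(24)
        self._rows[username] = (_digest(token), now + TOKEN_TTL)  # replaces any older token
        return token

    def redeem_token(self, username, token, now=None):
        """Called from the web login form.  True at most once per issued token."""
        now = time.time() if now is None else now
        row = self._rows.get(username)
        if row is None:
            return False
        stored_digest, expires_at = row
        if now > expires_at:
            del self._rows[username]  # expired: clean up and refuse
            return False
        if not hmac.compare_digest(stored_digest, _digest(token)):
            return False  # constant-time compare; token left in place for a retyped attempt
        del self._rows[username]  # single use
        return True

    def stored_digest(self, username):
        """What someone who reads the table sees for this user."""
        return self._rows[username][0]


def ssh_command(store, username):
    """Text the forced command prints back to the user over ssh."""
    token = store.issue_token(username)
    return "Your one-time Mango password (valid for %d minutes): %s" % (
        TOKEN_TTL // 60, token)


if __name__ == "__main__":
    store = TokenStore()
    print(ssh_command(store, "behdad"))
```

Because the token is bound to the username it was issued for and is deleted on first successful use, a token seen over somebody's shoulder is worth nothing after the owner has logged in, and a dump of the table yields only digests of random strings. This sidesteps the suid question Olav raises only on the storage side; how the ssh-side command writes into a table that the caller's own uid cannot read is still the deployment's problem.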
Re: Mango passwords and instructions?

I'm not sure where I did read some sort of flame? between gpg and ssh keys.
Anyway, I'd like to comment about gpgkey2ssh which may help with the problem :)
Re: Mango passwords and instructions?

On Fri, Jun 27, 2008 at 05:15:00PM +0200, klondike wrote:
> I'm not sure where I did read some sort of flame? between gpg and ssh keys.

We simply don't have any GPG infrastructure.

> Anyway, I'd like to comment about gpgkey2ssh which may help with the problem :)

I'll check it out.

-- 
Regards,
Olav
Re: Mango passwords and instructions?

On Fri, Jun 27, 2008 at 05:19:02PM +0200, Olav Vitters wrote:
> On Fri, Jun 27, 2008 at 05:15:00PM +0200, klondike wrote:
> > I'm not sure where I did read some sort of flame? between gpg and ssh keys.
>
> We simply don't have any GPG infrastructure.
>
> > Anyway, I'd like to comment about gpgkey2ssh which may help with the problem :)
>
> I'll check it out.

Ehr:
1. No documentation
2. There is no GPG infrastructure. You're proposing something which
   seems to generate SSH keys. We have and trust them already.

I don't know how to setup a good distributed and trusted GPG
infrastructure. Well, LDAP.. but GPG wants keyrings and stuff.. I just
want to compare some signature with a key I know is good (as it is from
LDAP).

-- 
Regards,
Olav