
examples/default: PoC user/password login for the terminal #12191

Closed
wants to merge 6 commits into from

Conversation

jcarrano
Contributor

@jcarrano jcarrano commented Sep 10, 2019

Contribution description

This is a very rough proof of concept showing how a simple user/password prompt can be used at the serial terminal to protect the shell.

The password is hashed and salted with PBKDF2-sha256.

To be effective, this requires a shell that can be exited, in order to be able to log off.

The login prompt has a built-in delay between attempts (7 seconds after every three failed attempts, plus the delay inherent to the key derivation function).

Testing procedure

This won't work quite right in native because the serial/pty handling is different there (we are not turning off the OS' line buffering and that gets in the way, as well as ctrl-D).

I get the best experience using miniterm.py (I used a samr21):

```
miniterm.py --eol LF /dev/ttyACM0 115200
```

The credentials are admin, Passw0rd!.

Issues/PRs references

Built on top of #10788.

Right now the only way to exit the shell is if stdin is closed. This
works on native, but on an embedded platform stdin is the uart and thus
is never closed.

This patch causes the shell loop to exit on EOT (ASCII 0x04 / ctrl-D),
also called "End-of-Transmission".

Test that the shell exits on ctrl-D and that it exits only once.

This is a very rough proof of concept showing how a simple user/password
prompt can be used at the serial terminal to protect the shell.

To be effective, this requires a shell that can be exited, in order to be
able to log off.

The login prompt has a built-in delay between attempts (1 second at least, 7
seconds after every three failed attempts).

This won't work quite right in native because the serial/pty handling is
different there (we are not turning off the OS' line buffering and that gets
in the way, as well as ctrl-D).

I get the best experience using miniterm.py:

```
miniterm.py --eol LF /dev/ttyACM0 115200
```
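The two mechanisms the commits above describe, the shell leaving its read loop on EOT and the throttled login prompt in front of it, as an added example; this is not code from the PR or from RIOT, and the names (`shell_readline`, `login_loop`, `login_backoff_seconds`, `run_transcript`) are my own. The back-off constants (at least 1 s after a failure, 7 s on every third one) are taken from the commit message; the character source and sleep hook are injected so the policy can be exercised on a host against a constructed terminal transcript, and `demo_verify` is a host-test stand-in that compares the page's demo credentials in the clear, which a real build replaces with the salted key check:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define EOT 0x04      /* ASCII End-of-Transmission: what ctrl-D sends over the serial line */
#define LINE_MAX 64

/* Characters come from an injectable source so the same loop runs against a UART on
 * the board and against a canned string in a host test. Returns -1 when exhausted. */
typedef int (*getc_fn_t)(void *ctx);

/* Read one line into buf. Returns its length, or -1 on EOT / end of input so the caller
 * leaves its loop; a partially typed line is discarded when EOT arrives. */
int shell_readline(getc_fn_t getc_fn, void *ctx, char *buf, size_t n) {
    size_t len = 0;
    for (;;) {
        int c = getc_fn(ctx);
        if (c < 0 || c == EOT) return -1;
        if (c == '\n' || c == '\r') break;
        if (len + 1 < n) buf[len++] = (char)c;   /* truncate instead of overflowing */
    }
    buf[len] = '\0';
    return (int)len;
}

/* Back-off policy from the PR's commit message: at least 1 s after a failed attempt,
 * 7 s on every third one. The KDF's own cost comes on top of this. */
unsigned login_backoff_seconds(unsigned failures) {
    if (failures == 0) return 0;
    return (failures % 3 == 0) ? 7 : 1;
}

struct login_ctx {
    getc_fn_t getc_fn; void *io;
    bool (*verify)(const char *user, const char *pw);  /* the salted PBKDF2 check plugs in here */
    void (*sleep_s)(void *io, unsigned secs);           /* injected so the policy is testable */
};

/* Prompt loop: true once a credential pair verifies, false when the terminal sent EOT. */
bool login_loop(struct login_ctx *l) {
    char user[LINE_MAX], pw[LINE_MAX];
    unsigned failures = 0;
    for (;;) {
        if (shell_readline(l->getc_fn, l->io, user, sizeof user) < 0) return false;
        if (shell_readline(l->getc_fn, l->io, pw, sizeof pw) < 0) return false;
        bool ok = l->verify(user, pw);
        memset(pw, 0, sizeof pw);   /* wipe the cleartext (a real build uses a non-elidable wipe) */
        if (ok) return true;
        l->sleep_s(l->io, login_backoff_seconds(++failures));
    }
}

/* ---- host-side harness (constructed): stands in for the UART, the clock and the KDF ---- */
struct script { const char *text; size_t pos; unsigned slept; };
static int script_getc(void *ctx) {
    struct script *s = ctx;
    return s->text[s->pos] ? (unsigned char)s->text[s->pos++] : -1;
}
static void script_sleep(void *ctx, unsigned secs) { ((struct script *)ctx)->slept += secs; }
/* Stand-in for the PBKDF2 check, using the PR's demo credentials; test-only. */
static bool demo_verify(const char *user, const char *pw) {
    return strcmp(user, "admin") == 0 && strcmp(pw, "Passw0rd!") == 0;
}
/* Drive the loop on a canned transcript: returns 1 on login, 0 on EOT; reports total back-off. */
int run_transcript(const char *text, unsigned *slept) {
    struct script s = { text, 0, 0 };
    struct login_ctx l = { script_getc, &s, demo_verify, script_sleep };
    bool ok = login_loop(&l);
    if (slept) *slept = s.slept;
    return ok ? 1 : 0;
}
unsigned throttle_total(const char *text) {
    unsigned slept = 0;
    run_transcript(text, &slept);
    return slept;
}

int main(void) {
    unsigned slept;
    int ok = run_transcript("admin\nhunter2\nadmin\nPassw0rd!\n", &slept);
    printf("logged in: %d, throttled for %u s\n", ok, slept);
    ok = run_transcript("admin\nhunter2\n\x04", &slept);
    printf("logged in: %d (EOT ends the prompt)\n", ok);
    return 0;
}
```

The transcript with one wrong password costs 1 s of back-off before the correct pair is accepted; three wrong pairs in a row cost 1 + 1 + 7 s, and a ctrl-D at any prompt ends the loop without a credential check.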
@jcarrano added the labels "Type: new feature" (The issue requests / The PR implemements a new feature for RIOT), "State: demonstrator" (This PR (loosely) demonstrates a concept and is not necessarily meant to be merged) and "Area: sys" (System) on Sep 10, 2019.
@jcarrano changed the title from "examples/default: PoC user/password login for for the terminal" to "examples/default: PoC user/password login for the terminal" on Sep 10, 2019.
@jcarrano
Contributor Author

Btw, I know that I stored the password in clear text, and it haunts me in my sleep.

@vincent-d
Member

For reference, I did a PoC of shell login here, 2 years ago: #6893

@jcarrano
Contributor Author

@vincent-d Interesting. I did not intend to turn this into a module - I was just playing around, trying to show what can be done.

Another idea I had today is that of using the CPU ID as the password salt.

The previous code would check the input at the same time that it was
read, avoiding the need for a buffer.

Splitting both functions is necessary to change the check/verify to
a more sophisticated implementation, like password hashing.

This implements PBKDF2-sha256. The implementation was derived from the
one in python's hashlib, via some rewriting and simplifications.

A script is provided to compute the key.

The implementation in the cifra package seemed to hang.
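The salted PBKDF2-SHA256 check named in the PR description and in the commits above, as an added example rather than the PR's own (unshown) KDF code: a from-the-standard PBKDF2-HMAC-SHA256 in plain C, a constant-time comparison of the derived key, and a `login_verify` front end. Because the author rolled their own after the cifra implementation "seemed to hang", the thing worth showing is that such an implementation can be checked against published test vectors; the `<test>` and `main` do that with the widely circulated "password"/"salt" vectors. Everything here is my own naming and layout: the stored record is assumed to be the lowercase hex of a 32-byte derived key (the page does not show the key script's output format), and the salt and iteration count are passed in by the caller, so a per-device value such as the CPU ID mentioned in the thread can be supplied as the salt.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* ---- minimal SHA-256 (FIPS 180-4): only what HMAC and PBKDF2 need ---- */
static const uint32_t K256[64] = {
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 };
static const uint32_t IV256[8] = { 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
                                   0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 };
#define ROR(x, n) (((x) >> (n)) | ((x) << (32 - (n))))
typedef struct { uint32_t h[8]; uint8_t buf[64]; uint64_t len; } sha256_t;

static void sha256_block(uint32_t h[8], const uint8_t *p) {
    uint32_t w[64], a, b, c, d, e, f, g, hh, i;
    for (i = 0; i < 16; i++)
        w[i] = (uint32_t)p[4*i] << 24 | (uint32_t)p[4*i+1] << 16 | (uint32_t)p[4*i+2] << 8 | p[4*i+3];
    for (; i < 64; i++)   /* message schedule: sigma0 on w[i-15], sigma1 on w[i-2] */
        w[i] = w[i-16] + (ROR(w[i-15], 7) ^ ROR(w[i-15], 18) ^ (w[i-15] >> 3))
             + w[i-7] + (ROR(w[i-2], 17) ^ ROR(w[i-2], 19) ^ (w[i-2] >> 10));
    a = h[0]; b = h[1]; c = h[2]; d = h[3]; e = h[4]; f = h[5]; g = h[6]; hh = h[7];
    for (i = 0; i < 64; i++) {
        uint32_t t1 = hh + (ROR(e, 6) ^ ROR(e, 11) ^ ROR(e, 25)) + ((e & f) ^ (~e & g)) + K256[i] + w[i];
        uint32_t t2 = (ROR(a, 2) ^ ROR(a, 13) ^ ROR(a, 22)) + ((a & b) ^ (a & c) ^ (b & c));
        hh = g; g = f; f = e; e = d + t1; d = c; c = b; b = a; a = t1 + t2;
    }
    h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e; h[5] += f; h[6] += g; h[7] += hh;
}
static void sha256_init(sha256_t *s) { memcpy(s->h, IV256, sizeof IV256); s->len = 0; }
static void sha256_update(sha256_t *s, const uint8_t *d, size_t n) {
    while (n) {
        size_t off = s->len % 64, take = (64 - off < n) ? 64 - off : n;
        memcpy(s->buf + off, d, take); s->len += take; d += take; n -= take;
        if (s->len % 64 == 0) sha256_block(s->h, s->buf);
    }
}
static void sha256_final(sha256_t *s, uint8_t out[32]) {
    uint64_t bits = s->len * 8; uint8_t pad[72] = { 0x80 };   /* 0x80, zeros, 64-bit BE bit length */
    size_t padlen = (s->len % 64 < 56) ? 56 - s->len % 64 : 120 - s->len % 64;
    for (int i = 0; i < 8; i++) pad[padlen + i] = (uint8_t)(bits >> (56 - 8 * i));
    sha256_update(s, pad, padlen + 8);
    for (int i = 0; i < 32; i++) out[i] = (uint8_t)(s->h[i / 4] >> (24 - 8 * (i % 4)));
}
/* HMAC-SHA256 over m1||m2; two parts so PBKDF2 needs no scratch buffer for salt||INT(i). */
static void hmac_sha256(const uint8_t *key, size_t klen, const uint8_t *m1, size_t l1,
                        const uint8_t *m2, size_t l2, uint8_t out[32]) {
    uint8_t k[64] = { 0 }, pad[64]; sha256_t s;
    if (klen > 64) { sha256_init(&s); sha256_update(&s, key, klen); sha256_final(&s, k); }
    else memcpy(k, key, klen);
    for (int i = 0; i < 64; i++) pad[i] = k[i] ^ 0x36;
    sha256_init(&s); sha256_update(&s, pad, 64); sha256_update(&s, m1, l1);
    sha256_update(&s, m2, l2); sha256_final(&s, out);
    for (int i = 0; i < 64; i++) pad[i] = k[i] ^ 0x5c;
    sha256_init(&s); sha256_update(&s, pad, 64); sha256_update(&s, out, 32); sha256_final(&s, out);
}
/* PBKDF2-HMAC-SHA256 (RFC 8018 5.2): T_i = U_1 ^ .. ^ U_c, U_1 = PRF(P, S||INT(i)), U_j = PRF(P, U_j-1).
 * The iteration count is the tunable cost that slows each guess at the prompt. */
static void pbkdf2_sha256(const uint8_t *pw, size_t pwlen, const uint8_t *salt, size_t slen,
                          uint32_t iters, uint8_t *dk, size_t dklen) {
    uint8_t u[32], t[32], ibe[4];
    for (uint32_t i = 1; dklen > 0; i++) {
        ibe[0] = (uint8_t)(i >> 24); ibe[1] = (uint8_t)(i >> 16); ibe[2] = (uint8_t)(i >> 8); ibe[3] = (uint8_t)i;
        hmac_sha256(pw, pwlen, salt, slen, ibe, 4, u); memcpy(t, u, 32);
        for (uint32_t j = 1; j < iters; j++) {
            hmac_sha256(pw, pwlen, u, 32, NULL, 0, u);
            for (int k = 0; k < 32; k++) t[k] ^= u[k];
        }
        size_t n = dklen < 32 ? dklen : 32;
        memcpy(dk, t, n); dk += n; dklen -= n;
    }
}
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {   /* no early exit on mismatch */
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= a[i] ^ b[i];
    return diff == 0;
}
/* Check a typed password against a stored record (lowercase hex of the 32-byte derived key).
 * Returns 1 on match, 0 on mismatch or a malformed record. */
int login_verify(const char *pw, const uint8_t *salt, size_t slen, uint32_t iters, const char *dk_hex) {
    static const char hex[] = "0123456789abcdef";
    uint8_t want[32] = { 0 }, got[32];
    if (strlen(dk_hex) != 64) return 0;
    for (int i = 0; i < 64; i++) {
        const char *p = strchr(hex, dk_hex[i]);
        if (!p) return 0;
        want[i / 2] = (uint8_t)(want[i / 2] << 4 | (p - hex));
    }
    pbkdf2_sha256((const uint8_t *)pw, strlen(pw), salt, slen, iters, got, 32);
    return ct_equal(got, want, 32);
}
int main(void) {
    /* Constructed record: the widely published PBKDF2-HMAC-SHA256("password", "salt", c=4096) vector. */
    const char *rec = "c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a";
    printf("right password: %d\n", login_verify("password", (const uint8_t *)"salt", 4, 4096, rec));
    printf("wrong password: %d\n", login_verify("Password", (const uint8_t *)"salt", 4, 4096, rec));
    return 0;
}
```

The firmware stores only the salt, the iteration count and the hex record, never the password; the comparison is constant-time so a partial match does not leak through timing; and running the code against the one-iteration and 4096-iteration vectors before trusting it is the step that would have caught a KDF that hangs or silently derives the wrong key.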
@jcarrano added the label "Area: security" (Security-related libraries and subsystems) on Sep 11, 2019.
@miri64
Member

miri64 commented Jun 25, 2020

Parts of this (without crypto) are implemented in #13082
