factotum 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711
  1. .TH FACTOTUM 4
  2. .SH NAME
  3. factotum, fgui \- authentication agent
  4. .SH SYNOPSIS
  5. .B auth/factotum
  6. [
  7. .B -DdkSun
  8. ] [
  9. .B -a asaddr
  10. ] [
  11. .B -s
  12. .I srvname
  13. ] [
  14. .B -m
  15. .I mtpt
  16. ]
  17. .PP
  18. .B auth/factotum
  19. .B -g
  20. .IB attribute = value
  21. .B ...
  22. .IB attribute ?
  23. .B ...
  24. .PP
  25. .B auth/fgui
  26. .SH DESCRIPTION
  27. .I Factotum
  28. is a user-level file system that
  29. acts as the authentication agent for a user.
  30. It does so by managing a set of
  31. .IR keys .
  32. A key is a collection of information used to authenticate a particular action.
  33. Stored as a list of
  34. .IB attribute = value
  35. pairs, a key typically contains a user, an authentication domain, a protocol, and
  36. some secret data.
  37. .PP
  38. .I Factotum
  39. presents a two level directory. The first
  40. level contains a single directory
  41. .BR factotum ,
  42. which in turn contains:
  43. .TF needkey
  44. .TP
  45. .B rpc
  46. each open represents a new private channel to
  47. .I factotum
  48. .TP
  49. .B proto
  50. when read lists the protocols available
  51. .TP
  52. .B confirm
  53. for confiming the use of key
  54. .TP
  55. .B needkey
  56. allows external programs to control the addition of new keys
  57. .TP
  58. .B log
  59. a log of actions
  60. .TP
  61. .B ctl
  62. for maintaining keys; when read, it returns a list of keys.
  63. For secret attributes, only the attribute name follow by a
  64. .L ?
  65. is returned.
  66. .PD
  67. .PP
  68. In any authentication, the caller typically acts as a client
  69. and the callee as a server. The server determines
  70. the authentication domain, sometimes after a negotiation with
  71. the client. Authentication always requires the client to
  72. prove its identity to the server. Under some protocols, the
  73. authentication is mutual.
  74. Proof is accomplished using secret information kept by factotum
  75. in conjunction with a cryptographic protocol.
  76. .PP
  77. .I Factotum
  78. can act in the role of client for any process possessing the
  79. same user id as it. For select protocols such as
  80. .B p9sk1
  81. it can also act as a client for other processes provided
  82. its user id may speak for the other process' user id (see
  83. .IR authsrv (6)).
  84. .I Factotum
  85. can act in the role of server for any process.
  86. .PP
  87. .IR Factotum 's
  88. structure is independent of
  89. any particular authentication protocol.
  90. .I Factotum
  91. supports the following protocols:
  92. .TF mschap
  93. .TP
  94. .B p9any
  95. a metaprotocol used to negotiate which actual protocol to use.
  96. .TP
  97. .B p9sk1
  98. a Plan 9 shared key protocol described in
  99. .IR authsrv (6)'s
  100. ``File Service'' section.
  101. .TP
  102. .B p9sk2
  103. a variant of
  104. .B p9sk1
  105. described in
  106. .IR authsrv (6)'s
  107. ``Remote Execution'' section.
  108. .TP
  109. .B p9cr
  110. a Plan 9 protocol that can use either
  111. .B p9sk1
  112. keys or SecureID tokens.
  113. .TP
  114. .B apop
  115. the challenge/response protocol used by POP3 mail servers.
  116. .TP
  117. .B cram
  118. the challenge/response protocol also used by POP3 mail servers.
  119. .TP
  120. .B chap
  121. the challenge/response protocols used by PPP and PPTP.
  122. .TP
  123. .B mschap
  124. a proprietary Microsoft protocol also used by PPP and PPTP.
  125. .TP
  126. .B rsa
  127. RSA public key decryption, used by SSH and TLS.
  128. .TP
  129. .B pass
  130. passwords in the clear.
  131. .TP
  132. .B vnc
  133. .IR vnc (1)'s
  134. challenge/response.
  135. .TP
  136. .B wep
  137. WEP passwords for wireless ethernet cards.
  138. .PD
  139. .PP
  140. The options are:
  141. .TP
  142. .B \-a
  143. supplies the address of the authentication server to use.
  144. Without this option, it will attempt to find an authentication server by
  145. querying the connection server, the file
  146. .BR <mtpt>/ndb ,
  147. and finally the network database in
  148. .BR /lib/ndb .
  149. .TP
  150. .B \-m
  151. specifies the mount point to use, by default
  152. .BR /mnt .
  153. .TP
  154. .B \-s
  155. specifies the service name to use.
  156. Without this option,
  157. .I factotum
  158. does not create a service file in
  159. .BR /srv .
  160. .TP
  161. .B \-D
  162. turns on 9P tracing, written to standard error.
  163. .TP
  164. .B \-d
  165. turns on debugging, written to standard error.
  166. .TP
  167. .B \-g
  168. causes the agent to prompt for the key, write it
  169. to the
  170. .B ctl
  171. file, and exit.
  172. The agent will prompt for values for any of the
  173. attributes ending with a question mark
  174. .RB ( ? )
  175. and will append all the supplied
  176. .I attribute = value
  177. pairs. See the section on key templates below.
  178. .TP
  179. .B \-n
  180. don't look for a secstore.
  181. .TP
  182. .B \-S
  183. indicates that the agent is running on a
  184. cpu server. On starting, it will attempt to get a
  185. .B 9psk1
  186. key from NVRAM using
  187. .B readnvram
  188. (see
  189. .IR authsrv (2)),
  190. prompting for anything it needs.
  191. It will never subsequently prompt for a
  192. key that it doesn't have.
  193. This option is typically used by
  194. the kernel at boot time.
  195. .TP
  196. .B \-k
  197. causes the NVRAM to be written.
  198. It is only valid with the
  199. .B \-S
  200. option.
  201. This option is typically used by
  202. the kernel at boot time.
  203. .TP
  204. .B \-u
  205. causes the agent to prompt for user
  206. id and writes it to
  207. .BR /dev/hostowner .
  208. It is mutually exclusive with
  209. .B \-k
  210. and
  211. .BR \-S .
  212. This option is typically used by
  213. the kernel at boot time.
  214. .PD
  215. .PP
  216. .I Fgui
  217. is a graphic user interface for confirming key usage and
  218. entering new keys. It hides the window in which it starts
  219. and waits reading requests from
  220. .B confirm
  221. and
  222. .BR needkey .
  223. For each requests, it unhides itself and waits for
  224. user input.
  225. See the sections on key confirmation and key prompting below.
  226. .SS "Key Tuples
  227. .PP
  228. A
  229. .I "key tuple
  230. is a space delimited list of
  231. .IB attribute = value
  232. pairs. An attribute whose name begins with an exclamation point
  233. .RB ( ! )
  234. does not appear when reading the
  235. .B ctl
  236. file.
  237. The required attributes depend on the authentication protocol.
  238. .PP
  239. .BR P9sk1 ,
  240. .BR p9sk2 ,
  241. and
  242. .BR p9cr
  243. all require a key with
  244. .BR proto = p9sk1 ,
  245. a
  246. .B dom
  247. attribute identifying the authentication domain, a
  248. .B user
  249. name valid in that domain, and either a
  250. .B !password
  251. or
  252. .B !hex
  253. attribute specifying the password or hexadecimal secret
  254. to be used. Here is an example:
  255. .PP
  256. .EX
  257. proto=p9sk1 dom=avayalabs.com user=presotto !password=lucent
  258. .EE
  259. .PP
  260. .BR Apop ,
  261. .BR cram ,
  262. .BR chap ,
  263. and
  264. .BR mschap ,
  265. require a key with a
  266. .B proto
  267. attribute whose value matches the protocol,
  268. in addition to
  269. .BR server ,
  270. .BR user ,
  271. and
  272. .B !password
  273. attributes;
  274. e.g.
  275. .PP
  276. .EX
  277. proto=apop server=mit.edu user=rsc !password=nerdsRus
  278. .EE
  279. Vnc is similar but does not require a
  280. .B user
  281. attribute.
  282. .PP
  283. .B Pass
  284. requires a key with
  285. .B proto=pass
  286. in addition to
  287. .B user
  288. and
  289. .B !password
  290. attributes; e.g.
  291. .PP
  292. .EX
  293. proto=pass user=tb !password=does.it.matter
  294. .EE
  295. .PP
  296. .B Rsa
  297. requires a key with
  298. .B proto=rsa
  299. in addition to all the hex attributes defining an RSA key:
  300. .BR ek ,
  301. .BR n ,
  302. .BR !p ,
  303. .BR !q ,
  304. .BR !kp ,
  305. .BR !kq ,
  306. .BR !c2 ,
  307. and
  308. .BR !dk .
  309. By convention, programs using the RSA protocol also require a
  310. .B service
  311. attribute set to
  312. .BR ssh ,
  313. .BR sshserve ,
  314. or
  315. .BR tls .
  316. .PP
  317. .B Wep
  318. requires a
  319. .BR key1 ,
  320. .BR key2 ,
  321. or
  322. .BR key3
  323. set to the password to be used.
  324. Starting the protocol causes
  325. .I factotum
  326. to configure the wireless ethernet card
  327. .B #l/ether0
  328. for WEP encryption with the given password.
  329. .PP
  330. All keys can have additional attibutes that act either as comments
  331. or as selectors to distinguish them in the
  332. .IR auth (2)
  333. library calls.
  334. .PP
  335. The factotum owner can use any key stored by factotum.
  336. Any key may have one or more
  337. .B owner
  338. attributes listing the users who can use the key
  339. as though they were the owner.
  340. For example, the TLS and SSH host keys on a server
  341. often have an attribute
  342. .B owner=*
  343. to allow any user (and in particular,
  344. .L none )
  345. to run the TLS or SSH server-side protocol.
  346. .PP
  347. Any key may have a
  348. .B role
  349. attribute for restricting how it can be used.
  350. If this attribute is missing, the key can be used in any role.
  351. The possible values are:
  352. .TP
  353. .B client
  354. for authenticating outbound calls
  355. .TP
  356. .B server
  357. for authenticating inbound calls
  358. .TP
  359. .B speaksfor
  360. for authenticating processes whose
  361. user id does not match
  362. .IR factotum 's.
  363. .PD
  364. .PP
  365. Whenever
  366. .I factotum
  367. runs as a server, it must have a
  368. .B p9sk1
  369. key in order to communicate with the authentication
  370. server for validating passwords and challenge/responses of
  371. other users.
  372. .SS "Key Templates
  373. Key templates are used by routines that interface to
  374. .I factotum
  375. such as
  376. .B auth_proxy
  377. and
  378. .B auth_challenge
  379. (see
  380. .IR auth (2))
  381. to specify which key and protocol to use for an authentication.
  382. Like a key tuple, a key template is also a list of
  383. .IB attribute = value
  384. pairs.
  385. It must specify at least the protocol and enough
  386. other attributes to uniquely identify a key, or set of keys, to use.
  387. The keys chosen are those that match all the attributes specified
  388. in the template. The possible attribute/value formats are:
  389. .TP 1i
  390. .IB attr = val
  391. The attribute
  392. .I attr
  393. must exist in the key and its value must exactly
  394. match
  395. .I val
  396. .TP 1i
  397. .IB attr ?
  398. The attribute
  399. .I attr
  400. must exist in the key but its value doesn't matter.
  401. .TP 1i
  402. .I attr
  403. The attribute
  404. .I attr
  405. must exist in the key with a null value
  406. .PD
  407. .PP
  408. Key templates are also used by factotum to request a key either via
  409. an RPC error or via the
  410. .B needkey
  411. interface.
  412. The possible attribute/value formats are:
  413. .TP 1i
  414. .IB attr = val
  415. This pair must remain unchanged
  416. .TP 1i
  417. .IB attr ?
  418. This attribute needs a value
  419. .TP 1i
  420. .I attr
  421. The pair must remain unchanged
  422. .PD
  423. .SS "Control and Key Management
  424. .PP
  425. A number of messages can be written to the control file.
  426. The mesages are:
  427. .TP
  428. .B "key \fIattribute-value-list\fP
  429. add a new key. This will replace any old key whose
  430. public, i.e. non ! attributes, match.
  431. .TP
  432. .B "delkey \fIattribute-value-list\fP
  433. delete a key whose attributes match those given.
  434. .TP
  435. .B debug
  436. toggle debugging on and off, i.e., the debugging also
  437. turned on by the
  438. .B \-d
  439. option.
  440. .PP
  441. By default when factotum starts it looks for a
  442. .IR secstore (1)
  443. account on $auth for the user and, if one exists,
  444. prompts for a secstore password in order to fetch
  445. the file
  446. .IR factotum ,
  447. which should contain control file commands.
  448. An example would be
  449. .EX
  450. key dom=x.com proto=p9sk1 user=boyd !hex=26E522ADE2BBB2A229
  451. key proto=rsa service=ssh size=1024 ek=3B !dk=...
  452. .EE
  453. where the first line sets a password for
  454. challenge/response authentication, strong against dictionary
  455. attack by being a long random string, and the second line
  456. sets a public/private keypair for ssh authentication,
  457. generated by
  458. .B ssh_genkey
  459. (see
  460. .IR ssh (1)).
  461. .PD
  462. .SS "Confirming key use
  463. .PP
  464. The
  465. .B confirm
  466. file provides a connection from
  467. .I factotum
  468. to a confirmation server, normally the program
  469. .IR auth/fgui .
  470. Whenever a key with the
  471. .B confirm
  472. attribute is used,
  473. .I factotum
  474. requires confirmation of its use. If no process has
  475. .B confirm
  476. opened, use of the key will be denied.
  477. However, if the file is opened a request can be read from it
  478. with the following format:
  479. .PP
  480. .B confirm
  481. .BI tag= tagno
  482. .I "<key template>
  483. .PP
  484. The reply, written back to
  485. .BR confirm ,
  486. consists of string:
  487. .PP
  488. .BI tag= tagno
  489. .BI answer= xxx
  490. .PP
  491. If
  492. .I xxx
  493. is the string
  494. .B yes
  495. then the use is confirmed and the authentication will proceed.
  496. Otherwise, it fails.
  497. .PP
  498. .B Confirm
  499. is exclusive open and can only be opened by a process with
  500. the same user id as
  501. .IR factotum .
  502. .SS "Prompting for keys
  503. .PP
  504. The
  505. .B needkey
  506. file provides a connection from
  507. .I factotum
  508. to a key server, normally the program
  509. .IR auth/fgui .
  510. Whenever
  511. .I factotum
  512. needs a new key, it first checks to see if
  513. .B needkey
  514. is opened. If it isn't, it returns a error to its client.
  515. If the file is opened a request can be read from it
  516. with the following format:
  517. .PP
  518. .B needkey
  519. .BI tag= tagno
  520. .I "<key template>
  521. .PP
  522. It is up to the reader to then query the user for any missing fields,
  523. write the key tuple into the
  524. .B ctl
  525. file, and then reply by writing into the
  526. .B needkey
  527. file the string:
  528. .PP
  529. .BI tag= tagno
  530. .PP
  531. .B Needkey
  532. is exclusive open and can only be opened by a process with
  533. the same user id as
  534. .IR factotum .
  535. .SS "The RPC Protocol
  536. Authentication is performed by
  537. .IP 1)
  538. opening
  539. .BR rpc
  540. .IP 2)
  541. setting up the protocol and key to be used (see the
  542. .B start
  543. RPC below),
  544. .IP 3)
  545. shuttling messages back and forth between
  546. .IR factotum
  547. and the other party (see the
  548. .B read
  549. and
  550. .B write
  551. RPC's) until done
  552. .IP 4)
  553. if successful, reading back an
  554. .I AuthInfo
  555. structure (see
  556. .IR authsrv (2)).
  557. .PP
  558. The RPC protocol is normally embodied by one of the
  559. routines in
  560. .IR auth (2).
  561. We describe it here should anyone want to extend
  562. the library.
  563. .PP
  564. An RPC consists of writing a request message to
  565. .B rpc
  566. followed by reading a reply message back.
  567. RPC's are strictly ordered; requests and replies of
  568. different RPC's cannot be interleaved.
  569. Messages consist of of a verb, a singe space, and data.
  570. The data format depends on the verb. The request verbs are:
  571. .TP
  572. .B "start \fIattribute-value-list\fP
  573. start a new authentication.
  574. .I Attribute-value-pair-list
  575. must include a
  576. .B proto
  577. attribute, a
  578. .B role
  579. attribute with value
  580. .B client
  581. or
  582. .BR server ,
  583. and enough other attibutes to uniquely identify a key to use.
  584. A
  585. .B start
  586. RPC is required before any others. The possible replies are:
  587. .RS
  588. .TP
  589. .B ok
  590. start succeeded.
  591. .TP
  592. .B "error \fIstring\fP
  593. where
  594. .I string
  595. is the reason.
  596. .RE
  597. .PD
  598. .TP
  599. .B read
  600. get data from
  601. .I factotum
  602. to send to the other party. The possible replies are:
  603. .RS
  604. .TP
  605. .B ok
  606. read succeeded, this is zero length message.
  607. .TP
  608. .B "ok \fIdata\fP
  609. read succeeded, the data follows the space and is
  610. unformatted.
  611. .TP
  612. .B "done
  613. authentication has succeeded, no further RPC's are
  614. necessary
  615. .TP
  616. .B "done haveai
  617. authentication has succeeded, an
  618. .B AuthInfo
  619. structure (see
  620. .IR auth (2))
  621. can be retrieved with an
  622. .B authinfo
  623. RPC
  624. .TP
  625. .B "phase \fIstring\fP
  626. its not your turn to read, get some data from
  627. the other party and return it with a write RPC.
  628. .TP
  629. .B "error \fIstring\fP
  630. authentication failed,
  631. .I string
  632. is the reason.
  633. .TP
  634. .B "protocol not started
  635. a
  636. .B start
  637. RPC needs to be preceed reads and writes
  638. .TP
  639. .B "needkey \fIattribute-value-list\fP
  640. a key matching the argument is needed. This argument
  641. may be passed as an argument to
  642. .I factotum
  643. .B -g
  644. in order to prompt for a key. After that, the
  645. authentication may proceed, i.e., the read restarted.
  646. .PD
  647. .RE
  648. .TP
  649. .B "write \fIdata\fP
  650. send data from the other party to
  651. .IR factotum .
  652. The possible replies are:
  653. .RS
  654. .TP
  655. .B "ok
  656. the write succeeded
  657. .TP
  658. .B "needkey \fIattribute-value-list\fP
  659. see above
  660. .TP
  661. .B "toosmall \fIn\fP
  662. the write is too short, get more data from the
  663. other party and retry the write.
  664. .I n
  665. specifies the maximun total number of bytes.
  666. .TP
  667. .B "phase \fIstring\fP
  668. its not your turn to write, get some data from
  669. .I factotum
  670. first.
  671. .TP
  672. .B "done
  673. see above
  674. .TP
  675. .B "done haveai
  676. see above
  677. .RE
  678. .TP
  679. .B authinfo
  680. retrieve the AuthInfo structure.
  681. The possible replies are:
  682. .RS
  683. .TP
  684. .B "ok \fIdata\fP
  685. .I data
  686. is a marshaled form of the AuthInfo structure.
  687. .TP
  688. .B "error \fIstring\fP
  689. where
  690. .I string
  691. is the reason for the error.
  692. .PD
  693. .RE
  694. .TP
  695. .B attr
  696. retrieve the attributes used in the
  697. .B start
  698. RPC.
  699. The possible replies are:
  700. .RS
  701. .TP
  702. .B "ok \fIattribute-value-list\fP
  703. .TP
  704. .B "error \fIstring\fP
  705. where
  706. .I string
  707. is the reason for the error.
  708. .PD
  709. .RE
  710. .SH SOURCE
  711. .B /sys/src/cmd/auth/factotum