1
0

factotum 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740
  1. .TH FACTOTUM 4
  2. .SH NAME
  3. factotum, fgui \- authentication agent
  4. .SH SYNOPSIS
  5. .B auth/factotum
  6. [
  7. .B -DdknpuS
  8. ] [
  9. .B -a asaddr
  10. ] [
  11. .B -s
  12. .I srvname
  13. ] [
  14. .B -m
  15. .I mtpt
  16. ]
  17. .PP
  18. .B auth/factotum
  19. .B -g
  20. .IB attribute = value
  21. .B ...
  22. .IB attribute ?
  23. .B ...
  24. .PP
  25. .B auth/fgui
  26. .SH DESCRIPTION
  27. .I Factotum
  28. is a user-level file system that
  29. acts as the authentication agent for a user.
  30. It does so by managing a set of
  31. .IR keys .
  32. A key is a collection of information used to authenticate a particular action.
  33. Stored as a list of
  34. .IB attribute = value
  35. pairs, a key typically contains a user, an authentication domain, a protocol, and
  36. some secret data.
  37. .PP
  38. .I Factotum
  39. presents a two level directory. The first
  40. level contains a single directory
  41. .BR factotum ,
  42. which in turn contains:
  43. .TF needkey
  44. .TP
  45. .B rpc
  46. each open represents a new private channel to
  47. .I factotum
  48. .TP
  49. .B proto
  50. when read lists the protocols available
  51. .TP
  52. .B confirm
  53. for confiming the use of key
  54. .TP
  55. .B needkey
  56. allows external programs to control the addition of new keys
  57. .TP
  58. .B log
  59. a log of actions
  60. .TP
  61. .B ctl
  62. for maintaining keys; when read, it returns a list of keys.
  63. For secret attributes, only the attribute name follow by a
  64. .L ?
  65. is returned.
  66. .PD
  67. .PP
  68. In any authentication, the caller typically acts as a client
  69. and the callee as a server. The server determines
  70. the authentication domain, sometimes after a negotiation with
  71. the client. Authentication always requires the client to
  72. prove its identity to the server. Under some protocols, the
  73. authentication is mutual.
  74. Proof is accomplished using secret information kept by factotum
  75. in conjunction with a cryptographic protocol.
  76. .PP
  77. .I Factotum
  78. can act in the role of client for any process possessing the
  79. same user id as it. For select protocols such as
  80. .B p9sk1
  81. it can also act as a client for other processes provided
  82. its user id may speak for the other process' user id (see
  83. .IR authsrv (6)).
  84. .I Factotum
  85. can act in the role of server for any process.
  86. .PP
  87. .IR Factotum 's
  88. structure is independent of
  89. any particular authentication protocol.
  90. .I Factotum
  91. supports the following protocols:
  92. .TF mschap
  93. .TP
  94. .B p9any
  95. a metaprotocol used to negotiate which actual protocol to use.
  96. .TP
  97. .B p9sk1
  98. a Plan 9 shared key protocol described in
  99. .IR authsrv (6)'s
  100. ``File Service'' section.
  101. .TP
  102. .B p9sk2
  103. a variant of
  104. .B p9sk1
  105. described in
  106. .IR authsrv (6)'s
  107. ``Remote Execution'' section.
  108. .TP
  109. .B p9cr
  110. a Plan 9 protocol that can use either
  111. .B p9sk1
  112. keys or SecureID tokens.
  113. .TP
  114. .B apop
  115. the challenge/response protocol used by POP3 mail servers.
  116. .TP
  117. .B cram
  118. the challenge/response protocol also used by POP3 mail servers.
  119. .TP
  120. .B chap
  121. the challenge/response protocols used by PPP and PPTP.
  122. .TP
  123. .B mschap
  124. a proprietary Microsoft protocol also used by PPP and PPTP.
  125. .TP
  126. .B rsa
  127. RSA public key decryption, used by SSH and TLS.
  128. .TP
  129. .B pass
  130. passwords in the clear.
  131. .TP
  132. .B vnc
  133. .IR vnc (1)'s
  134. challenge/response.
  135. .TP
  136. .B wpapsk
  137. the WPA-PSK challenge/response protocol used in wireless networks
  138. (client side only).
  139. .TP
  140. .B wep
  141. WEP passwords for wireless ethernet cards.
  142. .PD
  143. .PP
  144. The options are:
  145. .TP
  146. .B \-a
  147. supplies the address of the authentication server to use.
  148. Without this option, it will attempt to find an authentication server by
  149. querying the connection server, the file
  150. .BR <mtpt>/ndb ,
  151. and finally the network database in
  152. .BR /lib/ndb .
  153. .TP
  154. .B \-m
  155. specifies the mount point to use, by default
  156. .BR /mnt .
  157. .TP
  158. .B \-s
  159. specifies the service name to use.
  160. Without this option,
  161. .I factotum
  162. does not create a service file in
  163. .BR /srv .
  164. .TP
  165. .B \-D
  166. turns on 9P tracing, written to standard error.
  167. .TP
  168. .B \-d
  169. turns on debugging, written to standard error.
  170. .TP
  171. .B \-g
  172. causes the agent to prompt for the key, write it
  173. to the
  174. .B ctl
  175. file, and exit.
  176. The agent will prompt for values for any of the
  177. attributes ending with a question mark
  178. .RB ( ? )
  179. and will append all the supplied
  180. .I attribute = value
  181. pairs. See the section on key templates below.
  182. .TP
  183. .B \-n
  184. don't look for a secstore.
  185. .TP
  186. .B \-S
  187. indicates that the agent is running on a
  188. CPU server. On starting, it will attempt to get a
  189. .B p9sk1
  190. key from NVRAM using
  191. .B readnvram
  192. (see
  193. .IR authsrv (2)),
  194. prompting for anything it needs.
  195. It will never subsequently prompt for a
  196. key that it doesn't have.
  197. This option is typically used by
  198. the kernel at boot time.
  199. .TP
  200. .B \-k
  201. causes the NVRAM to be written.
  202. It is only valid with the
  203. .B \-S
  204. option.
  205. This option is typically used by
  206. the kernel at boot time.
  207. .TP
  208. .B \-u
  209. causes the agent to prompt for user
  210. id and writes it to
  211. .BR /dev/hostowner .
  212. It is mutually exclusive with
  213. .B \-k
  214. and
  215. .BR \-S .
  216. This option is typically used by
  217. the kernel at boot time.
  218. .TP
  219. .B \-p
  220. causes the agent not to mark itself `private'
  221. via
  222. .IR proc (3),
  223. so that it can be debugged.
  224. It is implied by
  225. .BR \-d .
  226. .PD
  227. .PP
  228. .I Fgui
  229. is a graphic user interface for confirming key usage and
  230. entering new keys. It hides the window in which it starts
  231. and waits reading requests from
  232. .B confirm
  233. and
  234. .BR needkey .
  235. For each requests, it unhides itself and waits for
  236. user input.
  237. See the sections on key confirmation and key prompting below.
  238. .SS "Key Tuples
  239. .PP
  240. A
  241. .I "key tuple
  242. is a space delimited list of
  243. .IB attribute = value
  244. pairs. An attribute whose name begins with an exclamation point
  245. .RB ( ! )
  246. does not appear when reading the
  247. .B ctl
  248. file.
  249. The required attributes depend on the authentication protocol.
  250. .PP
  251. .BR P9sk1 ,
  252. .BR p9sk2 ,
  253. and
  254. .BR p9cr
  255. all require a key with
  256. .BR proto = p9sk1 ,
  257. a
  258. .B dom
  259. attribute identifying the authentication domain, a
  260. .B user
  261. name valid in that domain, and either a
  262. .B !password
  263. or
  264. .B !hex
  265. attribute specifying the password or hexadecimal secret
  266. to be used. Here is an example:
  267. .PP
  268. .EX
  269. proto=p9sk1 dom=avayalabs.com user=presotto !password=lucent
  270. .EE
  271. .PP
  272. .BR Apop ,
  273. .BR cram ,
  274. .BR chap ,
  275. and
  276. .BR mschap ,
  277. require a key with a
  278. .B proto
  279. attribute whose value matches the protocol,
  280. in addition to
  281. .BR server ,
  282. .BR user ,
  283. and
  284. .B !password
  285. attributes;
  286. e.g.
  287. .PP
  288. .EX
  289. proto=apop server=mit.edu user=rsc !password=nerdsRus
  290. .EE
  291. Vnc is similar but does not require a
  292. .B user
  293. attribute.
  294. .PP
  295. .B Pass
  296. requires a key with
  297. .B proto=pass
  298. in addition to
  299. .B user
  300. and
  301. .B !password
  302. attributes; e.g.
  303. .PP
  304. .EX
  305. proto=pass user=tb !password=does.it.matter
  306. .EE
  307. .PP
  308. .B Rsa
  309. requires a key with
  310. .B proto=rsa
  311. in addition to all the hex attributes defining an RSA key:
  312. .BR ek ,
  313. .BR n ,
  314. .BR !p ,
  315. .BR !q ,
  316. .BR !kp ,
  317. .BR !kq ,
  318. .BR !c2 ,
  319. and
  320. .BR !dk .
  321. By convention, programs using the RSA protocol also require a
  322. .B service
  323. attribute set to
  324. .BR ssh ,
  325. .BR sshserve ,
  326. or
  327. .BR tls .
  328. .PP
  329. .B Wpapsk
  330. requires a key with
  331. .B proto=wpapsk
  332. and attributes
  333. .B essid
  334. and
  335. .BR !password .
  336. .PP
  337. .B Wep
  338. requires a
  339. .BR key1 ,
  340. .BR key2 ,
  341. or
  342. .BR key3
  343. set to the password to be used.
  344. Starting the protocol causes
  345. .I factotum
  346. to configure the wireless ethernet card
  347. .B #l/ether0
  348. for WEP encryption with the given password.
  349. .PP
  350. All keys can have additional attributes that act either as comments
  351. or as selectors to distinguish them in the
  352. .IR auth (2)
  353. library calls.
  354. .PP
  355. The factotum owner can use any key stored by factotum.
  356. Any key may have one or more
  357. .B owner
  358. attributes listing the users who can use the key
  359. as though they were the owner.
  360. For example, the TLS and SSH host keys on a server
  361. often have an attribute
  362. .B owner=*
  363. to allow any user (and in particular,
  364. .LR none )
  365. to run the TLS or SSH server-side protocol.
  366. .PP
  367. Any key may have a
  368. .B role
  369. attribute for restricting how it can be used.
  370. If this attribute is missing, the key can be used in any role.
  371. The possible values are:
  372. .TP
  373. .B client
  374. for authenticating outbound calls
  375. .TP
  376. .B server
  377. for authenticating inbound calls
  378. .TP
  379. .B speakfor
  380. for authenticating processes whose
  381. user id does not match
  382. .IR factotum 's.
  383. .PP
  384. If a key has a
  385. .B disabled
  386. attribute (with any value), the key is not used
  387. during any protocols. Factotum automatically marks
  388. keys with
  389. .B disabled=by.factotum
  390. when they fail during certain authentication
  391. protocols (in particular, the Plan 9 ones).
  392. .PD
  393. .PP
  394. Whenever
  395. .I factotum
  396. runs as a server, it must have a
  397. .B p9sk1
  398. key in order to communicate with the authentication
  399. server for validating passwords and challenge/responses of
  400. other users.
  401. .SS "Key Templates
  402. Key templates are used by routines that interface to
  403. .I factotum
  404. such as
  405. .B auth_proxy
  406. and
  407. .B auth_challenge
  408. (see
  409. .IR auth (2))
  410. to specify which key and protocol to use for an authentication.
  411. Like a key tuple, a key template is also a list of
  412. .IB attribute = value
  413. pairs.
  414. It must specify at least the protocol and enough
  415. other attributes to uniquely identify a key, or set of keys, to use.
  416. The keys chosen are those that match all the attributes specified
  417. in the template. The possible attribute/value formats are:
  418. .TP 1i
  419. .IB attr = val
  420. The attribute
  421. .I attr
  422. must exist in the key and its value must exactly
  423. match
  424. .I val
  425. .TP 1i
  426. .IB attr ?
  427. The attribute
  428. .I attr
  429. must exist in the key but its value doesn't matter.
  430. .TP 1i
  431. .I attr
  432. The attribute
  433. .I attr
  434. must exist in the key with a null value
  435. .PD
  436. .PP
  437. Key templates are also used by factotum to request a key either via
  438. an RPC error or via the
  439. .B needkey
  440. interface.
  441. The possible attribute/value formats are:
  442. .TP 1i
  443. .IB attr = val
  444. This pair must remain unchanged
  445. .TP 1i
  446. .IB attr ?
  447. This attribute needs a value
  448. .TP 1i
  449. .I attr
  450. The pair must remain unchanged
  451. .PD
  452. .SS "Control and Key Management
  453. .PP
  454. A number of messages can be written to the control file.
  455. The messages are:
  456. .TP
  457. .B "key \fIattribute-value-list\fP
  458. add a new key. This will replace any old key whose
  459. public, i.e. non ! attributes, match.
  460. .TP
  461. .B "delkey \fIattribute-value-list\fP
  462. delete a key whose attributes match those given.
  463. .TP
  464. .B debug
  465. toggle debugging on and off, i.e., the debugging also
  466. turned on by the
  467. .B \-d
  468. option.
  469. .PP
  470. By default when factotum starts it looks for a
  471. .IR secstore (1)
  472. account on $auth for the user and, if one exists,
  473. prompts for a secstore password in order to fetch
  474. the file
  475. .IR factotum ,
  476. which should contain control file commands.
  477. An example would be
  478. .EX
  479. key dom=x.com proto=p9sk1 user=boyd !hex=26E522ADE2BBB2A229
  480. key proto=rsa service=ssh size=1024 ek=3B !dk=...
  481. .EE
  482. where the first line sets a password for
  483. challenge/response authentication, strong against dictionary
  484. attack by being a long random string, and the second line
  485. sets a public/private keypair for ssh authentication,
  486. generated by
  487. .B ssh_genkey
  488. (see
  489. .IR ssh (1)).
  490. .PD
  491. .SS "Confirming key use
  492. .PP
  493. The
  494. .B confirm
  495. file provides a connection from
  496. .I factotum
  497. to a confirmation server, normally the program
  498. .IR auth/fgui .
  499. Whenever a key with the
  500. .B confirm
  501. attribute is used,
  502. .I factotum
  503. requires confirmation of its use. If no process has
  504. .B confirm
  505. opened, use of the key will be denied.
  506. However, if the file is opened a request can be read from it
  507. with the following format:
  508. .PP
  509. .B confirm
  510. .BI tag= tagno
  511. .I "<key template>
  512. .PP
  513. The reply, written back to
  514. .BR confirm ,
  515. consists of string:
  516. .PP
  517. .BI tag= tagno
  518. .BI answer= xxx
  519. .PP
  520. If
  521. .I xxx
  522. is the string
  523. .B yes
  524. then the use is confirmed and the authentication will proceed.
  525. Otherwise, it fails.
  526. .PP
  527. .B Confirm
  528. is exclusive open and can only be opened by a process with
  529. the same user id as
  530. .IR factotum .
  531. .SS "Prompting for keys
  532. .PP
  533. The
  534. .B needkey
  535. file provides a connection from
  536. .I factotum
  537. to a key server, normally the program
  538. .IR auth/fgui .
  539. Whenever
  540. .I factotum
  541. needs a new key, it first checks to see if
  542. .B needkey
  543. is opened. If it isn't, it returns a error to its client.
  544. If the file is opened a request can be read from it
  545. with the following format:
  546. .PP
  547. .B needkey
  548. .BI tag= tagno
  549. .I "<key template>
  550. .PP
  551. It is up to the reader to then query the user for any missing fields,
  552. write the key tuple into the
  553. .B ctl
  554. file, and then reply by writing into the
  555. .B needkey
  556. file the string:
  557. .PP
  558. .BI tag= tagno
  559. .PP
  560. .B Needkey
  561. is exclusive open and can only be opened by a process with
  562. the same user id as
  563. .IR factotum .
  564. .SS "The RPC Protocol
  565. Authentication is performed by
  566. .IP 1)
  567. opening
  568. .BR rpc
  569. .IP 2)
  570. setting up the protocol and key to be used (see the
  571. .B start
  572. RPC below),
  573. .IP 3)
  574. shuttling messages back and forth between
  575. .IR factotum
  576. and the other party (see the
  577. .B read
  578. and
  579. .B write
  580. RPC's) until done
  581. .IP 4)
  582. if successful, reading back an
  583. .I AuthInfo
  584. structure (see
  585. .IR authsrv (2)).
  586. .PP
  587. The RPC protocol is normally embodied by one of the
  588. routines in
  589. .IR auth (2).
  590. We describe it here should anyone want to extend
  591. the library.
  592. .PP
  593. An RPC consists of writing a request message to
  594. .B rpc
  595. followed by reading a reply message back.
  596. RPC's are strictly ordered; requests and replies of
  597. different RPC's cannot be interleaved.
  598. Messages consist of a verb, a single space, and data.
  599. The data format depends on the verb. The request verbs are:
  600. .TP
  601. .B "start \fIattribute-value-list\fP
  602. start a new authentication.
  603. .I Attribute-value-pair-list
  604. must include a
  605. .B proto
  606. attribute, a
  607. .B role
  608. attribute with value
  609. .B client
  610. or
  611. .BR server ,
  612. and enough other attributes to uniquely identify a key to use.
  613. A
  614. .B start
  615. RPC is required before any others. The possible replies are:
  616. .RS
  617. .TP
  618. .B ok
  619. start succeeded.
  620. .TP
  621. .B "error \fIstring\fP
  622. where
  623. .I string
  624. is the reason.
  625. .RE
  626. .PD
  627. .TP
  628. .B read
  629. get data from
  630. .I factotum
  631. to send to the other party. The possible replies are:
  632. .RS
  633. .TP
  634. .B ok
  635. read succeeded, this is zero length message.
  636. .TP
  637. .B "ok \fIdata\fP
  638. read succeeded, the data follows the space and is
  639. unformatted.
  640. .TP
  641. .B "done
  642. authentication has succeeded, no further RPC's are
  643. necessary
  644. .TP
  645. .B "done haveai
  646. authentication has succeeded, an
  647. .B AuthInfo
  648. structure (see
  649. .IR auth (2))
  650. can be retrieved with an
  651. .B authinfo
  652. RPC
  653. .TP
  654. .B "phase \fIstring\fP
  655. its not your turn to read, get some data from
  656. the other party and return it with a write RPC.
  657. .TP
  658. .B "error \fIstring\fP
  659. authentication failed,
  660. .I string
  661. is the reason.
  662. .TP
  663. .B "protocol not started
  664. a
  665. .B start
  666. RPC needs to precede reads and writes
  667. .TP
  668. .B "needkey \fIattribute-value-list\fP
  669. a key matching the argument is needed. This argument
  670. may be passed as an argument to
  671. .I factotum
  672. .B -g
  673. in order to prompt for a key. After that, the
  674. authentication may proceed, i.e., the read restarted.
  675. .PD
  676. .RE
  677. .TP
  678. .B "write \fIdata\fP
  679. send data from the other party to
  680. .IR factotum .
  681. The possible replies are:
  682. .RS
  683. .TP
  684. .B "ok
  685. the write succeeded
  686. .TP
  687. .B "needkey \fIattribute-value-list\fP
  688. see above
  689. .TP
  690. .B "toosmall \fIn\fP
  691. the write is too short, get more data from the
  692. other party and retry the write.
  693. .I n
  694. specifies the maximun total number of bytes.
  695. .TP
  696. .B "phase \fIstring\fP
  697. its not your turn to write, get some data from
  698. .I factotum
  699. first.
  700. .TP
  701. .B "done
  702. see above
  703. .TP
  704. .B "done haveai
  705. see above
  706. .RE
  707. .TP
  708. .B authinfo
  709. retrieve the AuthInfo structure.
  710. The possible replies are:
  711. .RS
  712. .TP
  713. .B "ok \fIdata\fP
  714. .I data
  715. is a marshaled form of the AuthInfo structure.
  716. .TP
  717. .B "error \fIstring\fP
  718. where
  719. .I string
  720. is the reason for the error.
  721. .PD
  722. .RE
  723. .TP
  724. .B attr
  725. retrieve the attributes used in the
  726. .B start
  727. RPC.
  728. The possible replies are:
  729. .RS
  730. .TP
  731. .B "ok \fIattribute-value-list\fP
  732. .TP
  733. .B "error \fIstring\fP
  734. where
  735. .I string
  736. is the reason for the error.
  737. .PD
  738. .RE
  739. .SH SOURCE
  740. .B /sys/src/cmd/auth/factotum