examples/default: PoC user/password login for the terminal #12191
Closed
jcarrano wants to merge 6 commits into RIOT-OS:master from
Conversation
Right now the only way to exit the shell is if stdin is closed. This works on native, but on an embedded platform stdin is the uart and thus is never closed. This patch causes the shell loop to exit on EOT (ASCII 0x04 / ctrl-D), also called "End-of-Transmission".
Test that the shell exits on ctrl-D and that it exits only once.
This is a very rough proof of concept showing how a simple user/password prompt can be used at the serial terminal to protect the shell. To be effective, this requires a shell that can be exited, in order to be able to log off. The login prompt has a built-in delay between attempts (1 second at least, 7 seconds every three failed attempts). This won't work quite right in native because the serial/pty handling is different there (we are not turning off the OS' line buffering and that gets in the way, as well as ctrl-d). I get the best experience using miniterm.py:

```
miniterm.py --eol LF /dev/ttyACM0 115200
```
Contributor (Author)
Btw, I know that I stored the password in clear text, and it haunts me in my sleep.
Member
For reference, I did a PoC of shell login here, 2 years ago: #6893
Contributor (Author)
@vincent-d Interesting. I did not intend to turn this into a module - I was just playing around, trying to show what can be done. Another idea I had today is that of using the CPU ID as the password salt.
The previous code would check the input at the same time that it was read, avoiding the need for a buffer. Splitting both functions is necessary to change the check/verify to a more sophisticated implementation, like password hashing.
This implements PBKDF2-sha256. The implementation was derived from the one in python's hashlib, via some rewriting and simplifications. A script is provided to compute the key. The implementation in the cifra package seemed to hang.
Member
Parts of this (without crypto) are implemented in #13082
Contribution description
This is a very rough proof of concept showing how a simple user/password prompt can be used at the serial terminal to protect the shell.
The password is hashed and salted with PBKDF2-sha256.
To be effective, this requires a shell that can be exited, in order to be able to log off.
The login prompt has a built-in delay between attempts (7 seconds every three failed attempts, plus the delay inherent to the key derivation function).
Testing procedure
This won't work quite right in native because the serial/pty handling is different there (we are not turning off the OS' line buffering and that gets in the way, as well as ctrl-d).
I get the best experience using miniterm.py (I used a samr21):
The credentials are `admin` / `Passw0rd!`.
Issues/PRs references
Built on top of #10788.
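Added example in Python, not the PR's own C code or key-computation script: the PBKDF2-HMAC-SHA256 construction the PBKDF2 commit describes, built from HMAC the same way the hashlib routine it was derived from is and cross-checked against hashlib, followed by a login check that applies the 7-second delay after every third failed attempt described in the contribution description. The salt, iteration count and the `LoginGuard` / `matches_stdlib` names are assumptions made for this example.

```python
import hashlib
import hmac
import struct
# Added example, not the PR's code: PBKDF2-HMAC-SHA256 built from HMAC as in
# RFC 8018 (the construction the PR ports to C), plus a login check with the
# "7 seconds after every third failed attempt" delay described in the PR.

def pbkdf2_sha256(password: bytes, salt: bytes, iterations: int, dklen: int = 32) -> bytes:
    """DK = T_1 || T_2 || ...  where T_i = U_1 ^ U_2 ^ ... ^ U_c."""
    hlen = hashlib.sha256().digest_size
    dk = b""
    for i in range(1, -(-dklen // hlen) + 1):          # ceil(dklen / hlen) blocks
        u = hmac.new(password, salt + struct.pack(">I", i), hashlib.sha256).digest()
        t = bytearray(u)                                # T_i starts as U_1
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hashlib.sha256).digest()  # U_k = PRF(P, U_{k-1})
            for j, b in enumerate(u):
                t[j] ^= b
        dk += bytes(t)
    return dk[:dklen]

def matches_stdlib(password: bytes, salt: bytes, iterations: int, dklen: int) -> bool:
    # Cross-check against the hashlib routine the PR's C code was derived from.
    return pbkdf2_sha256(password, salt, iterations, dklen) == hashlib.pbkdf2_hmac(
        "sha256", password, salt, iterations, dklen)

# Constructed stand-in for the salted record the device would store (the PR's
# credentials are admin / Passw0rd!; salt and iteration count are made up here).
USER = b"admin"
SALT = b"constructed-salt"
ITERATIONS = 1000
STORED_KEY = pbkdf2_sha256(b"Passw0rd!", SALT, ITERATIONS)

class LoginGuard:
    """Verifies a login and reports the extra delay owed after every third failure."""
    def __init__(self, lock_after: int = 3, lock_seconds: int = 7):
        self.failures, self.lock_after, self.lock_seconds = 0, lock_after, lock_seconds
    def check(self, user: bytes, password: bytes) -> "tuple[bool, int]":
        # Always derive the key, so a bad username costs the same time as a bad password.
        candidate = pbkdf2_sha256(password, SALT, ITERATIONS, len(STORED_KEY))
        if hmac.compare_digest(user, USER) and hmac.compare_digest(candidate, STORED_KEY):
            self.failures = 0
            return True, 0
        self.failures += 1
        return False, (self.lock_seconds if self.failures % self.lock_after == 0 else 0)

if __name__ == "__main__":
    guard = LoginGuard()
    for pw in (b"wrong", b"wrong", b"wrong", b"Passw0rd!"):
        print(pw, guard.check(b"admin", pw))   # the third failure reports a 7 s delay
```

On the device the caller would sleep for the returned delay before prompting again; the key is derived on every attempt so the response time does not reveal whether the username or the password was wrong.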