On Sun 2015-09-27 20:14:20 -0400, SGT. Garcia wrote:
> I use pass to manage my passwords:
> http://www.passwordstore.org/
>
> All passwords are encrypted with one single passphrase, which is what I would
> like to have in *sync* with PAM's OK on a user's successful authentication.
This suggests that you're interested in a PAM module that verifies that you can unlock any secret key associated with the ID stored in ~/.password-store/.gpg-id, and if so lets the user log in. Does that sound right? Or maybe you want your PAM module to test that, given ~/.gnupg and ~/.password-store, the user-supplied password is capable of decrypting some specific entry in pass? Either way, I think you're asking for something that is custom to your setup.

>> Potentially even scarier, if I can convince you to import key material,
>> I could give you a secret key that is set with a passphrase that I
>> know. Once you've done that, if the PAM module allows me to connect
>> if I can unlock any key, then I could use it to unlock your account!
>
> Import where? I'm not sure if I follow. pass only manages passwords for my
> email accounts, so far at least, and I don't see how this comes into play.
> Would you care to elaborate, please?

I send you a file dkg.asc that contains my OpenPGP certificate, and ask you to import it into your keyring. You do "gpg --import dkg.asc". But in that file, in addition to my actual OpenPGP certificate, I've included an additional certificate that has your own user ID on it ("SGT. Garcia <darwinsker...@gmail.com>"), uses a novel secret key, and that secret key is encrypted by a password I know (let's say it's a terrible password, like "bananas").

Now, if your proposed setup is in place, and ~/.password-store/.gpg-id contains "SGT. Garcia <darwinsker...@gmail.com>", I will be able to log in to your account with the password "bananas".

Does this attack make sense?

--dkg

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
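A worked reproduction of the attack dkg describes, added here by the editor; it is not part of the thread and is not code from pass or GnuPG. It generates the victim's key and the attacker's two keys in throwaway GNUPGHOME directories, builds the dkg.asc file (genuine certificate plus a rogue secret key carrying the victim's user ID), imports it on the victim side, and then runs two stand-ins for the PAM check: the "any secret key matching .gpg-id" check the thread discusses, and a fingerprint-pinned variant that is the editor's suggestion and goes beyond what the thread proposes. The user ID, passphrases and key names are constructed placeholders (Garcia's real address is truncated in the archive and is not used), and GnuPG 2.1 or later is assumed for loopback pinentry and unattended secret-key import.

```shell
#!/bin/sh
# Added example, not code from the thread, pass or GnuPG: reproduce the rogue
# secret-key import dkg describes and run two "PAM" checks against it.
# Requires GnuPG 2.1 or later (loopback pinentry, unattended secret-key import).
# User ID, passphrases and key names below are constructed for this example.
set -u

VICTIM_UID="Victim User <victim@example.org>"   # stand-in for the line in ~/.password-store/.gpg-id
VICTIM_PW="correct horse battery staple"        # the victim's real passphrase
ROGUE_PW="bananas"                              # passphrase only the attacker knows

# gpg in batch mode with loopback pinentry, so passphrases come from --passphrase.
g() { _h=$1; shift; gpg --batch --quiet --homedir "$_h" --pinentry-mode loopback "$@"; }

mk_home() { _d=$(mktemp -d) && chmod 700 "$_d" && echo "$_d"; }

kill_agent() { gpgconf --homedir "$1" --kill gpg-agent 2>/dev/null || true; }

# Generate an ed25519 signing key under homedir $1 for user ID $2 with
# passphrase $3, and print its fingerprint.
gen_key() {
  g "$1" --passphrase "$3" --quick-generate-key "$2" ed25519 sign never 2>/dev/null
  g "$1" --with-colons --list-secret-keys "=$2" | awk -F: '$1=="fpr" && !done {print $10; done=1}'
}

# Fingerprints of every secret key whose user ID is exactly $2: the set an
# "any key matching .gpg-id" check would iterate over.
secret_fprs() {
  g "$1" --with-colons --list-secret-keys "=$2" 2>/dev/null \
    | awk -F: '$1=="sec"{want=1; next} $1=="fpr" && want {print $10; want=0}'
}

# Does passphrase $3 unlock key $2 in homedir $1?  Tested with a signature
# attempt; the agent is restarted first so a cached passphrase cannot answer.
can_unlock() {
  kill_agent "$1"
  printf 'probe' | g "$1" --passphrase "$3" --local-user "$2!" --yes \
                     --sign --output /dev/null >/dev/null 2>&1
}

# The flawed check from the thread: accept the login if ANY secret key whose
# user ID matches .gpg-id can be unlocked with the supplied password.
naive_check() {
  for _f in $(secret_fprs "$1" "$2"); do
    can_unlock "$1" "$_f" "$3" && return 0
  done
  return 1
}

# Hardened variant (editor's suggestion, not from the thread): the module
# records one fingerprint at enrolment and only ever tests that key, so a
# look-alike key that turns up in the keyring later is never consulted.
pinned_check() { can_unlock "$1" "$2" "$3"; }

run_demo() {
  ATTACKER=$(mk_home); VICTIM=$(mk_home)
  trap 'kill_agent "$ATTACKER"; kill_agent "$VICTIM"; rm -rf "$ATTACKER" "$VICTIM"' EXIT

  VICTIM_FPR=$(gen_key "$VICTIM" "$VICTIM_UID" "$VICTIM_PW")          # enrolment: victim's own key
  DKG_FPR=$(gen_key "$ATTACKER" "dkg <dkg@example.net>" "$ROGUE_PW")   # attacker's genuine certificate
  ROGUE_FPR=$(gen_key "$ATTACKER" "$VICTIM_UID" "$ROGUE_PW")           # look-alike key, attacker's passphrase

  # dkg.asc: the genuine certificate plus the rogue SECRET key, in one armored file.
  { g "$ATTACKER" --armor --export "$DKG_FPR"
    g "$ATTACKER" --passphrase "$ROGUE_PW" --armor --export-secret-keys "$ROGUE_FPR"
  } > "$ATTACKER/dkg.asc"

  g "$VICTIM" --import "$ATTACKER/dkg.asc" 2>/dev/null                  # the victim's "gpg --import dkg.asc"

  MATCHING=$(secret_fprs "$VICTIM" "$VICTIM_UID" | wc -l | tr -d ' ')
  if naive_check  "$VICTIM" "$VICTIM_UID" "$ROGUE_PW";  then NAIVE_BANANAS=accept;  else NAIVE_BANANAS=reject;  fi
  if pinned_check "$VICTIM" "$VICTIM_FPR" "$ROGUE_PW";  then PINNED_BANANAS=accept; else PINNED_BANANAS=reject; fi
  if pinned_check "$VICTIM" "$VICTIM_FPR" "$VICTIM_PW"; then PINNED_REAL=accept;    else PINNED_REAL=reject;    fi

  echo "secret keys matching the .gpg-id user ID after import: $MATCHING"
  echo "naive check with \"$ROGUE_PW\": $NAIVE_BANANAS"
  echo "fingerprint-pinned check with \"$ROGUE_PW\": $PINNED_BANANAS"
  echo "fingerprint-pinned check with the real passphrase: $PINNED_REAL"
}

if command -v gpg >/dev/null 2>&1 && command -v gpgconf >/dev/null 2>&1; then
  SKIPPED=0; run_demo
else
  SKIPPED=1; echo "gpg/gpgconf not found; nothing demonstrated" >&2
fi
```

Run it as `sh rogue-key-demo.sh` (hypothetical file name). After the import two secret keys match the user ID from .gpg-id; the naive check accepts "bananas", the fingerprint-pinned check rejects it and accepts the real passphrase. The import is done with --batch so that no passphrase prompt is involved: the still-protected rogue key is stored as-is and its passphrase is only needed when the key is first used, which is exactly the moment the naive check hands it "bananas". Two practitioner caveats: a check that accepts "any matching key" is also satisfied by an imported key with no passphrase at all, by any password; and even the pinned variant only proves that the login password unlocks one OpenPGP key, so it must be paired with the rest of the PAM stack rather than replace it.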