File: terminology.md

package info (click to toggle)
erlang 1%3A27.3.4.1%2Bdfsg-1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 225,000 kB
  • sloc: erlang: 1,658,966; ansic: 405,769; cpp: 177,850; xml: 82,435; makefile: 15,031; sh: 14,401; lisp: 9,812; java: 8,603; asm: 6,541; perl: 5,836; python: 5,484; sed: 72
file content (162 lines) | stat: -rw-r--r-- 6,241 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
 
<!--
%CopyrightBegin%

Copyright Ericsson AB 2023-2024. All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

%CopyrightEnd%
-->
# Terminology

## General Information

In the following terms that may cause confusion are explained.

## The term "user"

A "user" is a term that everyone understands intuitively. However, the
understandings may differ which can cause confusion.

The term is used differently in [OpenSSH](http://www.openssh.com) and SSH in
Erlang/OTP. The reason is the different environments and use cases that are not
immediately obvious.

This chapter aims at explaining the differences and giving a rationale for why
Erlang/OTP handles "user" as it does.

### In OpenSSH

Many have been in contact with the command 'ssh' on a Linux machine (or similar)
to remotly log in on another machine. One types

```text
ssh host
```

to log in on the machine named `host`. The command prompts for your password on
the remote `host` and then you can read, write and execute as your _user name_
has rights on the remote `host`. There are stronger variants with
pre-distributed keys or certificates, but that are for now just details in the
authentication process.

You could log in as the user `anotheruser` with

```text
ssh anotheruser@host
```

and you will then be enabled to act as `anotheruser` on the `host` if authorized
correctly.

So what does _"your user name has rights"_ mean? In a UNIX/Linux/etc context it
is exactly as that context: The _user_ could read, write and execute programs
according to the OS rules. In addition, the user has a home directory (`$HOME`)
and there is a `$HOME/.ssh/` directory with ssh-specific files.

#### SSH password authentication

When SSH tries to log in to a host, the ssh protocol communicates the user name
(as a string) and a password. The remote ssh server checks that there is such a
user defined and that the provided password is acceptable.

If so, the user is authorized.

#### SSH public key authentication

This is a stronger method where the ssh protocol brings the user name, the
user's public key and some cryptographic information which we could ignore here.

The ssh server on the remote host checks:

- That the _user_ has a home directory,
- that home directory contains a .ssh/ directory and
- the .ssh/ directory contains the public key just received in the
  `authorized_keys` file

if so, the user is authorized.

#### The SSH server on UNIX/Linux/etc after a successful authentication

After a successful incoming authentication, a new process runs as the just
authenticated user.

Next step is to start a service according to the ssh request. In case of a
request of a shell, a new one is started which handles the OS-commands that
arrives from the client (that's "you").

In case of a sftp request, an sftp server is started in with the user's rights.
So it could read, write or delete files if allowed for that user.

### In Erlang/OTP SSH

For the Erlang/OTP SSH server the situation is different. The server executes in
an Erlang process in the Erlang emulator which in turn executes in an OS
process. The emulator does not try to change its user when authenticated over
the SSH protocol. So the remote user name is only for authentication purposes in
the Erlang/OTP SSH application.

#### Password authentication in Erlang SSH

The Erlang/OTP SSH server checks the user name and password in the following
order:

1. If a [`pwdfun`](`m:ssh#option-pwdfun`) is defined, that one is called and the
   returned boolean is the authentication result.
1. Else, if the [`user_passwords`](`m:ssh#option-user_passwords`) option is
   defined and the username and the password matches, the authentication is a
   success.
1. Else, if the option [`password`](`m:ssh#option-password`) is defined and
   matches the password the authentication is a success. Note that the use of
   this option is not recommended in non-test code.

#### Public key authentication in Erlang SSH

The user name, public key and cryptographic data (a signature) that is sent by
the client are used as follows (some steps left out for clarity):

1. A callback module is selected using the options
   [`key_cb`](`t:ssh:key_cb_common_option/0`).
1. The callback module is used to check that the provided public key is one of
   the user's pre-stored. In case of the default callback module, the files
   `authorized_keys` and `authorized_keys2` are searched in a directory found in
   the following order:

- If the option [`user_dir_fun`](`t:ssh_file:user_dir_fun_common_option/0`) is
  defined, that fun is called and the returned directory is used,
- Else, If the option [`user_dir`](`t:ssh_file:user_dir_common_option/0`) is
  defined, that directory is used,
- Else the subdirectory `.ssh` in the home directory of the user executing the
  OS process of the Erlang emulator is used.

If the provided public key is not found, the authentication fails.

1. Finally, if the provided public key is found, the signature provided by the
   client is checked with the public key.

#### The Erlang/OTP SSH server after a successful authentication

After a successful authentication an _Erlang process_ is handling the service
request from the remote ssh client. The rights of that process are those of the
user of the OS process running the Erlang emulator.

If a shell service request arrives to the server, an _Erlang shell_ is opened in
the server's emulator. The rights in that shell is independent of the just
authenticated user.

In case of an sftp request, an sftp server is started with the rights of the
user of the Erlang emulator's OS process. So with sftp the authenticated user
does not influence the rights.

So after an authentication, the user name is not used anymore and has no
influence.