[Swan] Authentication with pam_url and nonces

Paul Wouters paul at nohats.ca
Mon Feb 7 02:56:48 EET 2022

On Sun, 6 Feb 2022, Mirsad Goran Todorovac wrote:

> The passwordless authentication over pam_url used with IKEv2 with the 
> certificates was considered
> a source of brute force attacks and a dangerous module to implement for it 
> could allow everyone to
> access the system if accidentally left as the only and sufficient module in 
> PAM stack.

You can't really brute force the certificate validation part.

The pam module is just an _additional_ restriction that can restrict an
otherwise validated certificate. It is never even called for invalid,
bad or revoked certificates as the connection is rejected before the pam
phase due to the failed verification.

> So, the main question appears to be if there is a smarter way of preventing 
> brute force replay attacks

IKE has build-in protection against replay attacks. Both sides you a
nonce for different connection attempts. So it is always different and
there is no replaying possible.


More information about the Swan mailing list