Authentication over Django


Stone

Oct 18, 2012, 8:10:10 AM
to django...@googlegroups.com
Dear users,

I would like to ask you how to implement a feature which is used when you are connecting over SSH from one machine to another, including
man-in-the-middle attack.

Example:
After pressing a button it will ask me whether the fingerprint is correct, and after pressing yes a password window will be opened,
and afterwards I have authentication between one machine and the other one over Django.

Of course I know the root password on both machines.

How to do it?

Thanks
Petr

Nikolas Stevenson-Molnar

Oct 18, 2012, 1:43:00 PM
to django...@googlegroups.com
I'm a little unclear about your question, but if I understand correctly, you want to prevent man-in-the-middle attacks when logging into a Django application? If that's the case, then it's not really a Django issue; when you connect to a remote server via SSH, it's the client which does that verification. In this case, the client is your web browser, and the way you prevent such attacks is to use HTTPS and a signed certificate from a certificate authority.

_Nik
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/-5rqluDKbVEJ.

Stone

Oct 18, 2012, 2:54:07 PM
to Django users
Sorry for the misunderstanding.

I will try to make my problem clear.
I would like to make authentication between two servers over
authorized_keys.

I have a program which has two possibilities:
1) Console-based application - this is already done and working
properly.
2) Web-based application - exchanging authorized_keys is not done yet.

ad1) Steps in that case are:
- I am logging in to Linux over SSH
- write the command ssh -l engr <ip_address> or ssh engr@<ip_address>
- in case I am logging in for the first time, I receive a
fingerprint which I have to confirm with Yes
- now I have to enter the password
- I am on the other server and uploading authorized_keys

ad2) Steps in that case should be similar
- I am logging in to the web application over HTTPS
- After pressing a button I should receive a fingerprint which I have to
confirm in a dialog
- The next window will show me a dialog asking for the password
- I am logging in on the other server and uploading authorized_keys.

Is it possible to do that scenario in the second case?
How to do the pop-up window with the fingerprint?

Entering the password is no problem.

Hopefully now all is clear
best regards
Petr
On Oct 18, 7:43 pm, Nikolas Stevenson-Molnar <nik.mol...@consbio.org>
wrote:
> I'm a little unclear about your question, but if I understand correctly,
> you want to prevent man-in-the-middle attacks when logging into a Django
> application? If that's the case, then it's not really a Django issue;
> when you connect to a remote server via SSH, it's the /client/ which

Nikolas Stevenson-Molnar

Oct 18, 2012, 4:46:53 PM
to django...@googlegroups.com
In the second scenario, HTTPS is basically giving you the same benefit; your browser gets a certificate which is either self-signed, or signed by an authority. If it's self-signed, your browser will give you a scary-looking message about not trusting the site until you add an exception (similar to accepting the SSH fingerprint for the first time) for that certificate. Afterwards, you'll only get the scary message if the certificate changes.

To put it another way, HTTPS is the defense against man-in-the-middle attacks, so it makes more sense to make full use of what it offers. http://en.wikipedia.org/wiki/HTTP_Secure#Difference_from_HTTP

_Nik
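
The first-connection fingerprint check discussed in this thread, sketched as an added example that is not code from any poster or from Django: it computes the fingerprints an SSH client displays for a host key and keeps a trust-on-first-use pin, so a web view can show the fingerprint once and refuse to continue if the key later changes. The names `make_key_line`, `fingerprints` and `HostKeyPins` are hypothetical, the key bytes are constructed, and how the application fetches the remote host key is assumed to happen elsewhere.

```python
import base64
import hashlib
import struct


def make_key_line(key_bytes: bytes) -> str:
    """Build an OpenSSH public-key line from constructed (not real) key bytes."""
    blob = b"".join(struct.pack(">I", len(p)) + p for p in (b"ssh-ed25519", key_bytes))
    return "ssh-ed25519 " + base64.b64encode(blob).decode()


def fingerprints(key_line: str) -> dict:
    """Return the fingerprints an SSH client would display for this host key."""
    key_type, b64 = key_line.split()[:2]
    blob = base64.b64decode(b64, validate=True)
    # The blob begins with a length-prefixed copy of the key type; a mismatch
    # means the line is malformed and its fingerprint must not be shown as valid.
    n = int.from_bytes(blob[:4], "big")
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    md5 = hashlib.md5(blob).hexdigest()
    sha256 = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {
        "md5": ":".join(md5[i:i + 2] for i in range(0, 32, 2)),  # older colon-hex display
        "sha256": "SHA256:" + sha256,                            # current OpenSSH display
    }


class HostKeyPins:
    """Trust-on-first-use store: host -> fingerprint the operator confirmed."""

    def __init__(self):
        self._pins = {}

    def check(self, host: str, key_line: str) -> str:
        fp = fingerprints(key_line)["sha256"]
        if host not in self._pins:
            return "unknown"   # show the fingerprint and ask for confirmation
        # A changed key is the man-in-the-middle signal: stop before any password is sent.
        return "match" if self._pins[host] == fp else "changed"

    def confirm(self, host: str, key_line: str) -> None:
        """Call only after the operator answered yes to the fingerprint dialog."""
        self._pins[host] = fingerprints(key_line)["sha256"]
```

The pin store here lives in memory; a real deployment would persist it, the way an SSH client persists known_hosts.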