* [FEATURE] Support Argon2id Passwords - Updated go module github.com/simia-tech/crypt - Added Argon2id support for file based authentication backend - Made it the default method - Made it so backwards compatibility with SHA512 exists - Force seeding of the random string generator used for salts to ensure they are all different - Added command params to the authelia hash-password command - Automatically remove {CRYPT} from hashes as they are updated - Automatically change hashes when they are updated to the configured algorithm - Made the hashing algorithm parameters completely configurable - Added reasonably comprehensive test suites - Updated docs - Updated config template * Adjust error output * Fix unit test * Add unit tests and argon2 version check * Fix new unit tests * Update docs, added tests * Implement configurable values and more comprehensive testing * Added cmd params to hash_password, updated docs, misc fixes * More detailed error for cmd, fixed a typo * Fixed cmd flag error, minor refactoring * Requested Changes and Minor refactoring * Increase entropy * Update docs for entropy changes * Refactor to reduce nesting and easier code maintenance * Cleanup Errors (uniformity for the function call) * Check salt length, fix docs * Add Base64 string validation for argon2id * Cleanup and Finalization - Moved RandomString function from ./internal/authentication/password_hash.go to ./internal/utils/strings.go - Added SplitStringToArrayOfStrings func that splits strings into an array with a fixed max string len - Fixed an error in validator that would allow a zero salt length - Added a test to verify the upstream crypt module supports our defined random salt chars - Updated docs - Removed unused "HashingAlgorithm" string type * Update crypt go mod, support argon2id key length and major refactor * Config Template Update, Final Tests * Use schema defaults for hash-password cmd * Iterations check * Docs requested changes * Test Coverage, suggested edits * Wording edit * Doc changes * Default sanity changes * Default sanity changes - docs * CI Sanity changes * Memory in MB
7.1 KiB
layout | title | parent | grand_parent | nav_order |
---|---|---|---|---|
default | File | Authentication backends | Configuration | 1 |
File
Authelia supports a file as a users database.
Configuration
Configuring Authelia to use a file is done by specifying the path to the file in the configuration file.
authentication_backend:
file:
path: /var/lib/authelia/users.yml
password_hashing:
algorithm: argon2id
iterations: 1
salt_length: 16
parallelism: 8
memory: 1024
Password hashing configuration settings
algorithm
- Value Type: String
- Possible Value:
argon2id
andsha512
- Recommended:
argon2id
- What it Does: Changes the hashing algorithm
iterations
- Value Type: Int
- Possible Value:
1
or higher for argon2id and1000
or higher for sha512 (will automatically be set to1000
on lower settings) - Recommended:
1
for theargon2id
algorithm and50000
forsha512
- What it Does: Adjusts the number of times we run the password through the hashing algorithm
key_length
- Value Type: Int
- Possible Value:
16
or higher. - Recommended:
32
or higher. - What it Does: Adjusts the length of the actual hash
salt_length
- Value Type: Int
- Possible Value: between
2
and16
- Recommended:
16
- What it Does: Adjusts the length of the random salt we add to the password, there is no reason not to set this to 16
parallelism
- Value Type: Int
- Possible Value:
1
or higher - Recommended:
8
or twice your CPU cores - What it Does: Sets the number of threads used for hashing
memory
- Value Type: Int
- Possible Value: at least
8
times the value ofparallelism
- Recommended:
1024
(1GB) or as much RAM as you can afford to give to hashing - What it Does: Sets the amount of RAM used in MB for hashing
Examples for specific systems
These examples have been tested against a single system to make sure they roughly take 0.5 seconds each. Your results may vary depending on individual specification and utilization, but they are a good guide to get started. You should however read How to choose the right parameters for Argon2.
System | Iterations | Parallelism | Memory |
---|---|---|---|
Raspberry Pi 2 | 1 | 8 | 64 |
Raspberry Pi 3 | 1 | 8 | 128 |
Raspberry Pi 4 | 1 | 8 | 128 |
Intel G5 i5 NUC | 1 | 8 | 1024 |
Format
The format of the users file is as follows.
users:
john:
password: "$argon2id$v=19$m=65536,t=3,p=2$BpLnfgDsc2WD8F2q$o/vzA4myCqZZ36bUGsDY//8mKUYNZZaR0t4MFFSs+iM"
email: john.doe@authelia.com
groups:
- admins
- dev
harry:
password: "$argon2id$v=19$m=65536,t=3,p=2$BpLnfgDsc2WD8F2q$o/vzA4myCqZZ36bUGsDY//8mKUYNZZaR0t4MFFSs+iM"
email: harry.potter@authelia.com
groups: []
bob:
password: "$argon2id$v=19$m=65536,t=3,p=2$BpLnfgDsc2WD8F2q$o/vzA4myCqZZ36bUGsDY//8mKUYNZZaR0t4MFFSs+iM"
email: bob.dylan@authelia.com
groups:
- dev
james:
password: "$argon2id$v=19$m=65536,t=3,p=2$BpLnfgDsc2WD8F2q$o/vzA4myCqZZ36bUGsDY//8mKUYNZZaR0t4MFFSs+iM"
email: james.dean@authelia.com
This file should be set with read/write permissions as it could be updated by users resetting their passwords.
Passwords
The file contains hashed passwords instead of plain text passwords for security reasons.
You can use Authelia binary or docker image to generate the hash of any password. The
hash-password command has many tunable options, you can view them with the
authelia hash-password --help
command. For example if you wanted to improve the entropy
you could generate a 16 byte salt and provide it with the --salt
flag.
Example: authelia hash-password --salt abcdefghijklhijl
. For argon2id the salt must
always be valid for base64 decoding (characters a through z, A through Z, 0 through 9, and +/).
For instance to generate a hash with the docker image just run:
$ docker run authelia/authelia:latest authelia hash-password yourpassword
$ Password hash: $argon2id$v=19$m=65536$3oc26byQuSkQqksq$zM1QiTvVPrMfV6BVLs2t4gM+af5IN7euO0VB6+Q8ZFs
Full CLI Help Documentation:
Hash a password to be used in file-based users database. Default algorithm is argon2id.
Usage:
authelia hash-password [password] [flags]
Flags:
-h, --help help for hash-password
-i, --iterations int set the number of hashing iterations (default 1)
-k, --key-length int [argon2id] set the key length param (default 32)
-m, --memory int [argon2id] set the amount of memory param (in MB) (default 1024)
-p, --parallelism int [argon2id] set the parallelism param (default 8)
-s, --salt string set the salt string
-l, --salt-length int set the auto-generated salt length (default 16)
-z, --sha512 use sha512 as the algorithm (defaults iterations to 50000, change with -i)
Password hash algorithm
The default hash algorithm is salted Argon2id version 19. Argon2id is currently considered the best hashing algorithm, and in 2015 won the Password Hashing Competition. It benefits from customizable parameters allowing the cost of computing a hash to scale into the future which makes it harder to brute-force. Argon2id was implemented due to community feedback as you can see in this closed issue.
Additionally SHA512 is supported for backwards compatibility and user choice. While it's a reasonable hash function given high enough iterations, as hardware gets better it has a higher chance of being brute-forced.
Hashes are identifiable as argon2id or SHA512 by their prefix of either $argon2id$
and $6$
respectively, as described in this wiki page.
Password hash algorithm tuning
All algorithm tuning is supported for Argon2id. The only configuration variables that affect
SHA512 are iterations and salt length. The configuration variables are unique to the file
authentication provider, thus they all exist in a key under the file authentication configuration
key called password_hashing
. We have set what are considered as sane and recommended defaults
to cater for a reasonable system, if you're unsure about which settings to tune, please see the
parameters above, or for a more in depth understanding see the referenced documentation.
Argon2 Links
How to choose the right parameters for Argon2