0.2 Roadmap

Sebastian Faulborn sfaulborn at web.de
Wed Jul 26 06:11:33 PDT 2006


What about adding blowfish passwords, which is a major improvement in
security?

Most people think that their server is safe because they have done
everything so nobody can break into their system from the outside.

However anyone who has access to the server could get the /etc/shadow
file (eg. reboot with Live-CD, get access to changed harddisk - replace
hotswap harddisk of raid1, etc.)

It's a matter of seconds to break md5 hashed passwords (eg. database
attack which works due to md5's small salt) or a brute force attack can
be done in hours/days due to its fast implementation.

Blowfish on the other hand can be made arbitrarily slow by defining a single
parameter - and hence can be adjusted to current hardware speed.
Due to the large salt, blowfish cannot be used with database attacks.

Installation is simple, although the hint has problems with OpenSSH:
- Ch.5 does not need blowfish passwords
Ch.6:
- suppress installation of libcrypt in glibc
- install libxcrypt as in hint after GCC, before coreutils (which
  depends on libcrypt)
- instead of linking /usr/include/crypt.h to xcrypt.h, copy xcrypt.h and
  patch it so that all the x*(...) functions are replaced by their names
  as in the glibc's crypt.h (remove all the #define)

If you don't do the last step, OpenSSH will segfault when trying to log in.
OpenSSH has a function xcrypt() which calls crypt() which is defined in
xcrypt.h and hence in crypt.h as a #define to xcrypt() which
causes OpenSSH to call xcrypt() in an infinite loop until the stack
overflows.
A few other packages also have problems compiling without the patch.

If you would like, I could supply the text/patch.

Sebastian Faulborn
Homepage: http://www.secure-slinux.org
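
The macro collision described in the message above, reduced to one file as an added example (not code from the post, OpenSSH or libxcrypt). The `#define` line, the stub `crypt()` body, `MAX_DEPTH`, `xcrypt_patched()` and the sample strings are constructed stand-ins, and the depth guard exists only so the demo terminates instead of overflowing the stack.

```c
#include <stdio.h>
#include <string.h>

#define MAX_DEPTH 1000      /* demo guard; the real failure has no such limit */
static int depth;           /* counts entries into the wrapper */

/* Unpatched header (constructed stand-in): crypt exists only as a macro. */
#define crypt(key, salt) xcrypt((key), (salt))

/* Application-side wrapper that happens to be named xcrypt() as well. */
char *xcrypt(const char *password, const char *salt)
{
    if (++depth > MAX_DEPTH)        /* without this the stack overflows */
        return NULL;
    return crypt(password, salt);   /* preprocessed into xcrypt(password, salt) */
}

#undef crypt

/* Patched header: crypt is an ordinary function again, no #define. */
char *crypt(const char *key, const char *salt)
{
    static char out[64];
    /* Stub result only; a real library would compute the hash here. */
    snprintf(out, sizeof out, "%s:stub-hash-of-%zu-bytes", salt, strlen(key));
    return out;
}

/* Same wrapper body, as it compiles against the patched header. */
char *xcrypt_patched(const char *password, const char *salt)
{
    return crypt(password, salt);   /* now a real call into the library */
}

/* Returns how many times the unpatched wrapper entered itself. */
int unpatched_depth(void)
{
    depth = 0;
    (void)xcrypt("secret", "demo-salt");
    return depth;
}

int main(void)
{
    printf("unpatched: wrapper entered %d times before the guard\n", unpatched_depth());
    printf("patched:   %s\n", xcrypt_patched("secret", "demo-salt"));
    return 0;
}
```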

More information about the hlfs-dev mailing list