MD5->Blowfish method break openssh's authentication
thekevinday at gmail.com
Mon Jun 25 19:52:39 PDT 2007
On 6/25/07, Sebastian Faulborn <sfaulborn at web.de> wrote:
> >On 6/23/07, Robert Connolly <robert at linuxfromscratch.org <http://linuxfromscratch.org/mailman/listinfo/hlfs-dev>> wrote:
> >>/ I don't recall ever personally using libxcrypt with openssh, but I do remember
> />>/ someone emailing me about a function name conflict (openssh also has it's own
> />>/ xcrypt() function), and they got it to work with some minor modifications.
> >Now that may be the heart of the problem, I will look into this xcrypt
> >openssh function.
> >Kevin Day
> You don't need a patch for OpenSSH to work with libxcrypt. OpenSSH calls internally
> when logging in using passwords a function called xcrypt() which calls crypt() from
> libcrypt. Since the include file of libcrypt is symlinked to libxcrypt and the
> include file from libxcrypt defines crypt() as xcrypt(), OpenSSH ends up calling
> xcrypt() in a recursive loop until the stack overflows ("#define crypt xcrypt").
> Since no application I know of uses the xcrypt functions from crypt.h (they can from
> xcrypt.h), you simply need to rename the defines in the include file of libcrypt:
> 1) remove the symlink /usr/include/crypt.h -> xcrypt.h (if it exists)
> 2a) copy xcrypt.h -> crypt.h
> in crypt.h change...
> 2b) change the defines:
> #ifndef _XCRYPT_H
> #define _XCRYPT_H
> #ifndef _CRYPT_H
> #define _CRYPT_H
> 3) put comments in front of all defines of the following form:
> #define crypt xcrypt
> //#define crypt xcrypt
> 4) rename all functions which contain an "x" in its name:
> extern char *xcrypt (__const char *__key, __const char *__salt) __THROW;
> extern char *crypt (__const char *__key, __const char *__salt) __THROW;
> 5) now recompile OpenSSH and it should work
> Note: all changes are done after libxcrypt has been compiled. I am using
> libxcrypt V2.4.
> Hope this helps!
> Sebastian Faulborn
> Homepage: http://www.secure-slinux.org
Just beautiful. Worked flawlessly and effortlessly.
Thanks for the info, I can now use blowfish via openssh!
when you get a chance, robert, please update this on the hint
More information about the hlfs-dev