[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: EPS support in future pam_unix replacement

From: Tom Wu <tom arcot com>
To: pam-list redhat com
Subject: Re: EPS support in future pam_unix replacement
Date: Thu, 31 Aug 2000 19:59:42 -0700

Solar Designer wrote:
> 
> [ There's something seriously broken with pam-list.  I'm receiving
> lots of duplicates of old posts.  However, it's the first time I've
> received the one I'm replying to. ]
> 
> [ I've changed the subject as we've been discussing too many topics
> under the old one ("2nd Qs: proposed description of new pam_unix"). ]
> 
> > > prefix=                 -- will use the traditional DES-based hashes
> > > prefix=xy               -- the same (could use any valid salt)
> > > prefix=$1$              -- FreeBSD-style MD5-based hashes (replaces "md5")
> > > prefix=_ count=100001   -- BSDI/FreeSec extended/"new-style" DES-based hashes
> > > prefix=$2a$ count=8     -- OpenBSD-style Blowfish-based hashes
> >
> > The only suggestion I'd make would be to ensure that the SHA-1 based EPS
> > hashes were also properly supported, as they are starting to see wide
> > use.  I'd be willing to help with the integration.
> 
> Do you suggest that we support EPS hashes within the same PAM module?
> If yes, do you also suggest that we support them within the libcrypt
> interface I've proposed (and implemented as a glibc/libcrypt patch)?

Yes.  If MD5/Blowfish-style hashes are implemented there, EPS hashes
should go there as well.

> The latter would imply that we implement an equivalent of t_makepwent()
> within crypt(3) in libcrypt.
> 
> Let me also suggest something: stop using non-iterated SHA-1 hashes
> before they're used any wider.  Use a modern iterated hash intended
> for passwords instead.  It would be best to use crypt(3) available on
> the system, and let the administrator choose the hashing method (with
> a prefix/count pair).

Why?  The combination of SHA1 and modexp used in EPS seems to give a
pretty good level of security.  If it makes you feel any better, the
hash can be iterated if an optional count is specified.

> With the SHA-1 hashes, I'd rather avoid using SRP/EPS on my systems.

I don't understand this comment - the EPS hashes work pretty well on my
systems, and SRP solves a bunch of network security problems once EPS
passwords are set.

> Signed,
> Solar Designer
-- 
Tom Wu
Principal Software Engineer
Arcot Systems Inc.
(408) 969-6124

Follow-Ups:
- Re: EPS support in future pam_unix replacement
  - From: Solar Designer <solar@false.com>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []