What about adding blowfish passwords which is a major improvement in
security.
Most people think that their server is save because they have done
everything
so nobody can break into their system from the outside.
However anyone who has access to the server could get the /etc/shadow
file (eg. reboot with Live-CD, get access to changed harddisk - replace
hotswap harddisk of raid1, etc.)
Its a matter of seconds to break md5 hashed passwords (eg. database
attack which works due to md5's small salt) or a brute force attack can
be done in hours/days due to its fast implementation.
Blowfish on the other hand can be made arbitrarily slow by defining a single
parameter - and hence can be adjusted to current hardware speed.
Due to the large salt, blowfish cannot be used with database attacks.
Installation is simple, allthough the hint has problems with OpenSSH:
- Ch.5 does not need blowfish passwords
Ch.6:
- suppress installation of libcrypt in glibc
- install libxcrypt as in hint after GCC, before coreutils (which
depends on libcrypt)
- instead of linking /usr/include/crypt.h to xcrypt.h, copy xcrypt.h and
patch it
so that all the x*(...) functions are replaced by their names as in the
glibc's
crypt.h (remove all the #define)
If you don't do the last step, OpenSSH will segfault when trying to login.
OpenSSH has a function xcrypt() which calls crypt() which is defined in
xcrypt.h and hence in crypt.h as a #define to xcrypt() which
causes OpenSSH to call xcrypt() in an infinte loop until the stack
overflows.
A few other packages also have problems compiling without the patch.
If you would like, I could supply the text/patch.
Sebastian Faulborn
Homepage: http://www.secure-slinux.org
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
