Re: [arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread Emil Lundberg via arch-general
I think the fact that it's not possible to be perfectly safe is not a good
reason to not earnestly consider what you _can_ do to try to protect
yourself. Of course you won't stand a chance if a nation-state is
determined to get you, but that doesn't mean you should just give up and
wing it, because the most relevant threats are probably much less capable
in most cases. It's still a good idea to try to quantify one's threat model
and what it would take to protect yourself, and then make a (somewhat)
educated decision on how much effort one is willing to spend on it.

/Emil

On Tue, 25 Jun 2019, 01:14 Ralf Mardorf via arch-general, <
arch-general@archlinux.org> wrote:

> You want to make the packages available for general use. Does general
> use require behavioral biometric verification and spring guns?
>
> Black hats are able to hack Google and Facebook, whatever you
> will do, you never ever will be able to reach the level of security
> those and the other most successful computer related companies are able
> to accomplish.
>
> IMO an average "strong" but still memorizable passphrase, even when
> following obsolete rules, is ok.
>


Re: [arch-general] journalctl - configure date output persistent to short-iso

2019-06-24 Thread Friedrich Strohmaier
Hi Jens, *,


Am 23.06.19 um 13:05 schrieb Jens John:
> On Sun, 23 Jun 2019, at 00:22, Friedrich Strohmaier wrote:
>> Anyone around who knows or did this already?

[..]

> Going by these facts, it seems like there is no way to achieve what you
> want just with journalctl.

That's definitely not what I wanted to read, but well..

> If that's correct, there are 2 simple alternatives:

>   * alias journalctl='journalctl -o foo'
>   * Put a journalctl wrapper into a directory that is at the head of $PATH:

>   #!/bin/sh
>   exec /usr/sbin/journalctl -o foo "$@"

Thanks for your investigation and suggestion.

That smells like a feature request to the systemd guys, as I can't see any
advantage in having the recent date output as default.
-- 
Friedrich


Re: [arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread Ralf Mardorf via arch-general
You want to make the packages available for general use. Does general
use require behavioral biometric verification and spring guns?

Black hats are able to hack Google and Facebook, whatever you
will do, you never ever will be able to reach the level of security
those and the other most successful computer related companies are able
to accomplish.

IMO an average "strong" but still memorizable passphrase, even when
following obsolete rules, is ok.


Re: [arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread Emil Lundberg via arch-general
Some ballpark numbers, rounded to one significant figure:

10 characters chosen truly randomly from an alphabet of 70 characters (e.g.,
[a-zA-Z0-9#$&_() =+/%]) is ~61 bits of entropy and will take just about 90
years to brute-force at 1e9 guesses per second, or 30 days at 1e12/s.

The Bitcoin swarm is currently estimated to perform 60e18 hash guesses per
second [1], so the 10-character password would be safe from the swarm for
about 50 milliseconds, give or take a few orders of magnitude (depending on
algorithm differences; mostly irrelevant for this discussion).

14 characters (85 bits) would be safe from the (current) swarm for about 10
days, 16 characters (98 bits) for about 200 years.

6 words chosen randomly (not a grammatically valid sentence!) from a list
of 1000 words (59 bits) would take about 30 years to break at 1e9/s, and 10
days at 1e12/s. 9 words (89 bits) gives you half a year against the swarm,
and 10 words (99 bits) gives you 500 years.

So, somewhere between 10 and 16 random characters should probably be good
enough, depending on how defensive you want to be.

[1]: https://digiconomist.net/bitcoin-energy-consumption

I personally use `pass` for password management and keep my PGP key on a
YubiKey (full disclosure: I work for Yubico) with a 6-digit PIN, so my
private key is not stored on disk and is protected against brute force
attacks by blocking the key (effectively destroying the key) after too many
incorrect PIN attempts (I also have an airgapped backup of the key, of
course).

/Emil

On Mon, 24 Jun 2019, 22:37 Eli Schwartz via arch-general, <
arch-general@archlinux.org> wrote:

> On 6/24/19 4:31 PM, Manuel Reimer wrote:
> > On 24.06.19 18:00, mpan wrote:
> >>If you’re using a password manager, you should not care about the
> >> password being “too long”. After all it’s not you who type it. Go for 16
> >> or 20 random chars.
> >
> > If the key is too complicated to remember or to type in manually, then I
> > have to use a password manager which now saves my password to local disk
> > again. Maybe encrypted with a master password.
> >
> > Then we are back at the starting problem.
> >
> > If someone can take my private key file, then he can also take my
> > password manager database.
> >
> > How strong would you make this master password and where to save this
> > one? A second password manager?
> >
> > I think if really someone takes over control over my PC, then I have to
> > expect the password to be gone, too. If someone is really able to take my
> > private key file, then I think he should also be able to install some
> > kind of key logger.
> >
> > And I really think that finally someone *has* to come up with some
> > replacement for this password nightmare. Some kind of hardware key maybe.
> >
> > I could protect the private signing key with a UUID (just call uuidgen
> > on console). This should be pretty hard to crack but is impossible to
> > remember so I would have to keep this written down somewhere and need
> > this piece of paper every time I unlock the key for signing.
>
> I'm not sure where you're going with any of this.
>
> The purpose of a PGP signing key is that it does interesting crypto
> things that prove your identity in a way that passwords don't (passwords
> can be guessed).
>
> The purpose of password-protecting your PGP private key is to prevent
> someone who gains access to the filesystem, from gaining access to the key.
>
> Password managers, like PGP keys, are things that "should be encrypted
> with a password to prevent an attacker with disk access from gaining
> your secret material".
>
> How you protect the master password for a password manager, has nothing
> to do with whether it's intelligent to use a password in the first
> place. Personally, I find it very easy to remember *one* master password
> (or even, to be honest, two or three), which exists only in my own head
> and unlocks the secrets that are stored on disk -- like PGP keys and
> password databases.
>
> ...
>
> As for hardware keys, there is no need to come up with a replacement for
> the password nightmare. Hardware keys have existed for some time now,
> and they were already intended as a replacement for the password
> "nightmare", something they do an excellent job at. Did you try getting
> one?
>
> --
> Eli Schwartz
> Bug Wrangler and Trusted User
>
>
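The ballpark figures in Emil's post can be reproduced with a short calculation. This is an added example, not code from the thread; it assumes the guess rates quoted there (1e9/s, 1e12/s and the 60e18/s Bitcoin figure), a 70-symbol alphabet and a 1000-word list, and reports the time to exhaust the whole space, as the post does.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Guess rates used in the thread (guesses per second). The 60e18 figure is the
# Bitcoin network hash rate quoted there in 2019 and stands in for a very large
# adversary; it is a rough upper bound, not a measured password-cracking rate.
RATES = {"1e9/s": 1e9, "1e12/s": 1e12, "bitcoin swarm": 60e18}

def entropy_bits(alphabet_size: int, length: int) -> float:
    """Bits of entropy in `length` symbols drawn uniformly from `alphabet_size`."""
    return length * math.log2(alphabet_size)

def exhaust_seconds(bits: float, rate: float) -> float:
    """Time to try every candidate at `rate` guesses/s (expected success is half)."""
    return 2.0 ** bits / rate

def human(seconds: float) -> str:
    """Round a duration to one significant figure in a convenient unit."""
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86400),
                       ("hours", 3600), ("s", 1), ("ms", 1e-3)):
        if seconds >= size:
            return f"{float(f'{seconds / size:.1g}'):g} {unit}"
    return f"{seconds:.1g} s"

def table(alphabet_size: int, lengths) -> dict:
    """Entropy and exhaust time per length, for each rate in RATES."""
    out = {}
    for n in lengths:
        bits = entropy_bits(alphabet_size, n)
        out[n] = {"bits": bits,
                  **{name: exhaust_seconds(bits, r) for name, r in RATES.items()}}
    return out

if __name__ == "__main__":
    for label, size, lengths in (("random chars, 70-symbol alphabet", 70, (10, 14, 16)),
                                 ("random words, 1000-word list", 1000, (6, 9, 10))):
        print(label)
        for n, row in table(size, lengths).items():
            times = ", ".join(f"{k}: {human(v)}" for k, v in row.items() if k != "bits")
            print(f"  {n:>2}: {row['bits']:.0f} bits  {times}")
```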


Re: [arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread Robin Broda via arch-general
On 6/24/19 5:45 PM, Jude DaShiell wrote:
> The last standard the United States Navy used before it migrated to
> smartcards was 16 characters with at least two digits; at least two
> upper-case, at least two lower-case, and at least two special
> characters.  A slight improvement on that would have been to ensure the
> pass phrase started and ended with a letter.
> 

Unrelated to the topic at hand, these password recommendations have been
outdated for about a decade.

Additionally, that 'slight improvement' you're mentioning actually
*decreases* the search-space required for bruteforcing...


-- 
Rob (coderobe)

O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
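Rob's point that forcing a letter at both ends shrinks the search space can be checked by counting the strings each rule admits. This is an added example, not code from the thread; it assumes the four character classes Jude listed and 33 special characters (printable ASCII minus alphanumerics), which the post does not specify.

```python
import math
from functools import lru_cache

# Character classes as Jude's post lists them. The 33 specials are the printable
# ASCII characters that are not alphanumeric; that size is an assumption, since
# the post does not say which specials were allowed.
CLASS_SIZES = {"digit": 10, "upper": 26, "lower": 26, "special": 33}
LETTERS = ("upper", "lower")

def count_policy(length: int, min_each: int, letter_ends: bool) -> int:
    """Count strings of `length` characters containing at least `min_each`
    of every class; with `letter_ends`, the first and last must be letters."""
    classes = list(CLASS_SIZES)

    @lru_cache(maxsize=None)
    def walk(pos: int, reached: tuple) -> int:
        # `reached[i]` is how many of class i we have so far, capped at
        # min_each, so the state space stays tiny (3**4 states for min_each=2).
        if pos == length:
            return int(all(r >= min_each for r in reached))
        total = 0
        for i, cls in enumerate(classes):
            if letter_ends and pos in (0, length - 1) and cls not in LETTERS:
                continue
            nxt = list(reached)
            nxt[i] = min(nxt[i] + 1, min_each)
            total += CLASS_SIZES[cls] * walk(pos + 1, tuple(nxt))
        return total

    return walk(0, (0,) * len(classes))

def bits(count: int) -> float:
    """Search-space size expressed as bits."""
    return math.log2(count)

if __name__ == "__main__":
    navy = count_policy(16, 2, False)
    tweak = count_policy(16, 2, True)
    print(f"any 16 printable chars:        {bits(95 ** 16):.1f} bits")
    print(f"Navy rule (>=2 of each class): {bits(navy):.1f} bits")
    print(f"plus letter at both ends:      {bits(tweak):.1f} bits "
          f"({bits(navy) - bits(tweak):.2f} bits fewer)")
```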





Re: [arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread Eli Schwartz via arch-general
On 6/24/19 4:31 PM, Manuel Reimer wrote:
> On 24.06.19 18:00, mpan wrote:
>>    If you’re using a password manager, you should not care about the
>> password being “too long”. After all it’s not you who type it. Go for 16
>> or 20 random chars.
> 
> If the key is too complicated to remember or to type in manually, then I
> have to use a password manager which now saves my password to local disk
> again. Maybe encrypted with a master password.
> 
> Then we are back at the starting problem.
> 
> If someone can take my private key file, then he can also take my
> password manager database.
> 
> How strong would you make this master password and where to save this
> one? A second password manager?
> 
> I think if really someone takes over control over my PC, then I have to
> expect the password to be gone, too. If someone is really able to take my
> private key file, then I think he should also be able to install some
> kind of key logger.
> 
> And I really think that finally someone *has* to come up with some
> replacement for this password nightmare. Some kind of hardware key maybe.
> 
> I could protect the private signing key with a UUID (just call uuidgen
> on console). This should be pretty hard to crack but is impossible to
> remember so I would have to keep this written down somewhere and need
> this piece of paper every time I unlock the key for signing.

I'm not sure where you're going with any of this.

The purpose of a PGP signing key is that it does interesting crypto
things that prove your identity in a way that passwords don't (passwords
can be guessed).

The purpose of password-protecting your PGP private key is to prevent
someone who gains access to the filesystem, from gaining access to the key.

Password managers, like PGP keys, are things that "should be encrypted
with a password to prevent an attacker with disk access from gaining
your secret material".

How you protect the master password for a password manager, has nothing
to do with whether it's intelligent to use a password in the first
place. Personally, I find it very easy to remember *one* master password
(or even, to be honest, two or three), which exists only in my own head
and unlocks the secrets that are stored on disk -- like PGP keys and
password databases.

...

As for hardware keys, there is no need to come up with a replacement for
the password nightmare. Hardware keys have existed for some time now,
and they were already intended as a replacement for the password
"nightmare", something they do an excellent job at. Did you try getting one?

-- 
Eli Schwartz
Bug Wrangler and Trusted User





Re: [arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread Manuel Reimer

On 24.06.19 18:00, mpan wrote:

>   If you’re using a password manager, you should not care about the
> password being “too long”. After all it’s not you who type it. Go for 16
> or 20 random chars.


If the key is too complicated to remember or to type in manually, then I 
have to use a password manager which now saves my password to local disk 
again. Maybe encrypted with a master password.


Then we are back at the starting problem.

If someone can take my private key file, then he can also take my 
password manager database.


How strong would you make this master password and where to save this 
one? A second password manager?


I think if really someone takes over control over my PC, then I have to 
expect the password to be gone, too. If someone is really able to take my 
private key file, then I think he should also be able to install some 
kind of key logger.


And I really think that finally someone *has* to come up with some 
replacement for this password nightmare. Some kind of hardware key maybe.


I could protect the private signing key with a UUID (just call uuidgen 
on console). This should be pretty hard to crack but is impossible to 
remember so I would have to keep this written down somewhere and need 
this piece of paper every time I unlock the key for signing.


Manuel


Re: [arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread mpan
  tl;dr: follow standard practices — there is nothing special about
passwords for private keys.

> I want to publish a package repository with some packages that I need
> and only want to build once for all my systems.
> 
> I want to make the packages available for general use. I have server
> space for that so I only have to rsync my final repo to my server after
> compiling my packages.
> 
> I have my autobuild set up and signing seems to work, too.
> 
> For convenience, I decided to make the passphrase not too long.
  This alone makes me raise an eyebrow and wonder if the security is
already compromised.

> I have 10 characters with both, alphanumeric and "special characters".
  Is it coming from a proper CSPRNG or an unbiased random source?

  If not — in particular if it was your brain that generated it, you have
applied any changes to „make it easier to remember” or chosen one from a
set of random passwords — you are close to having no password at all.
But if it is properly generated, it is meeting the often repeated password
criteria: 8 characters in the past, becoming 10 nowadays.

  But that doesn’t mean it is fine. Random, compact passwords are hard
to remember. Unless you’re using a password manager, you’re going to
either make mistakes (like writing down the password) or you’ll undertake
an unnecessary effort for little gain (remembering it). There are
better ways. See diceware and friends: it lets you generate a password
with very good entropy that is still easy to remember.

  If you’re using a password manager, you should not care about the
password being “too long”. After all it’s not you who type it. Go for 16
or 20 random chars.

> I think if the passphrase is meant to be uncrackable alone, then we
> wouldn't need the big private key file, right?
  Those topics are unrelated. The password is only used to protect the
key in case of a leak and plays no role in security based on that key.
If the key is breakable, whether it is protected by a strong or weak
password, or not protected at all is insignificant. The attack will not
even consider the password.





Re: [arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread Jude DaShiell
The last standard the United States Navy used before it migrated to
smartcards was 16 characters with at least two digits; at least two
upper-case, at least two lower-case, and at least two special
characters.  A slight improvement on that would have been to ensure the
pass phrase started and ended with a letter.

On Mon, 24 Jun 2019, Manuel Reimer wrote:

> Date: Mon, 24 Jun 2019 11:02:57
> From: Manuel Reimer 
> Reply-To: General Discussion about Arch Linux 
> To: arch-general@archlinux.org
> Subject: [arch-general] How long do you make the passphrase for the private
> key?
>
> Hello,
>
> I want to publish a package repository with some packages that I need and only
> want to build once for all my systems.
>
> I want to make the packages available for general use. I have server space for
> that so I only have to rsync my final repo to my server after compiling my
> packages.
>
> I have my autobuild set up and signing seems to work, too.
>
> For convenience, I decided to make the passphrase not too long.
>
> I have 10 characters with both, alphanumeric and "special characters".
>
> I think if the passphrase is meant to be uncrackable alone, then we wouldn't
> need the big private key file, right?
>
> Is my passphrase long enough? What do the trusted users think about this
> topic?
>
> Thanks in advance
>
> Manuel
>
>



[arch-general] How long do you make the passphrase for the private key?

2019-06-24 Thread Manuel Reimer

Hello,

I want to publish a package repository with some packages that I need 
and only want to build once for all my systems.


I want to make the packages available for general use. I have server 
space for that so I only have to rsync my final repo to my server after 
compiling my packages.


I have my autobuild set up and signing seems to work, too.

For convenience, I decided to make the passphrase not too long.

I have 10 characters with both, alphanumeric and "special characters".

I think if the passphrase is meant to be uncrackable alone, then we 
wouldn't need the big private key file, right?


Is my passphrase long enough? What do the trusted users think about this 
topic?


Thanks in advance

Manuel