From owner-freebsd-questions@freebsd.org Wed Aug 21 13:38:22 2019 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 75CF2C8DFC for ; Wed, 21 Aug 2019 13:38:22 +0000 (UTC) (envelope-from cjr@mail.cruwe.de) Received: from mail.cruwe.de (mail.cruwe.de [136.243.88.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46D7z133Nnz3yPL for ; Wed, 21 Aug 2019 13:38:21 +0000 (UTC) (envelope-from cjr@mail.cruwe.de) Received: from authenticated-user (PRIMARY_HOSTNAME [PUBLIC_IP]) by mail.cruwe.de (Postfix) with ESMTPA id AD9821A6C for ; Wed, 21 Aug 2019 13:38:12 +0000 (UTC) Message-ID: <460ffc8a5bcb5d429b92a51915f071b38b439f0b.camel@mail.cruwe.de> Subject: (off-topic) Broadly accepted standards for (not?) logging credentials From: "Christopher J. Ruwe" To: freebsd-questions@freebsd.org Date: Wed, 21 Aug 2019 13:38:10 +0000 Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mail.cruwe.de; s=dkim; t=1566394692; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references; bh=YDc+7XQ4CUnmmk2MqUl+12rm/1CUznkfueqBJ6n2+14=; b=ybqohjjMqulc3CSY1gqRIkwV8lvnf4qCFeRlD3bLA8TKctf1f/zmob9bRUk9fs6yHWqYN+ 5+uPdmqUT6XoES5y2YPTGeoaYKVZiXDL1H6op38QNyeuj/ORdRhIuEc+Y3WZ6v14DCGuQR Y4kjLvUCsnufq866gjauZxDIqeQgj3M= ARC-Seal: i=1; s=dkim; d=mail.cruwe.de; t=1566394692; a=rsa-sha256; cv=none; b=sJGnZWccYI4wADc5nelJwhe8i6AfosYVW3O2v4H+ibRiC8g1dK3bmyMIai4aqpaKZYVwqZVY9/DnbeXq3vrd667jpbEoOUW3s1J/8KjoDk4MWfdTleFWNmPYn6rsn35ACTyds3KUnqrQOVvJTKyCi/zCti0ObWrYD4M6am8a27E= ARC-Authentication-Results: i=1; mail.cruwe.de; auth=pass smtp.auth=cjr@mail.cruwe.de smtp.mailfrom=cjr@mail.cruwe.de X-Rspamd-Queue-Id: 46D7z133Nnz3yPL X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.71 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[mail.cruwe.de:s=dkim]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; IP_SCORE(-1.23)[ipnet: 136.243.0.0/16(-4.28), asn: 24940(-1.86), country: DE(-0.01)]; MV_CASE(0.50)[]; DKIM_TRACE(0.00)[mail.cruwe.de:+]; DMARC_POLICY_ALLOW(-0.50)[mail.cruwe.de,quarantine]; NEURAL_HAM_SHORT(-0.98)[-0.983,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:24940, ipnet:136.243.0.0/16, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; SUBJECT_HAS_QUESTION(0.00)[]; ARC_ALLOW(-1.00)[i=1] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Aug 2019 13:38:22 -0000 Hi, sorry for being severely off-topic. However, the freebsd-*@s are always my last resort when I simply do not know who to ask. >From my understanding (and several colleagues I asked concur) it is absolutely verboten / tabu / you name it to ever log credentials in clear-text, even with debug-flags on etc. The specific case is logging the credentials of a remote storage filer in a console session, but that should not matter. Debug sessions may be shared with non-privileged personnel, are switched on for just this one time, I promise, and then forgotten, and slowly, but certainly and irrevocably, credentials leak unto the point when a secret is no secret anymore, but essentially public domain. I have a support call open with a vendor where the other side does not agree. If it is not I who is too conservative (which I hope), does anybody know of any well-known and battle-proven document from an authoritative source (RFCs, IEEE, ...) with which to beat people until they promise not to log secrets? Thanks and cheers, -- Christopher J. Ruwe