Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 9 Aug 2006 15:30:40 -0400
From:      Garance A Drosehn <gad@FreeBSD.org>
To:        Antony Mawer <fbsd-questions@mawer.org>, "Marc G. Fournier" <scrappy@FreeBSD.org>
Cc:        freebsd-questions@FreeBSD.org
Subject:   Re: BSDstats Project v2.0 ...
Message-ID:  <p06230912c0ffe4100c7c@[128.113.24.47]>
In-Reply-To: <44D91F02.90107@mawer.org>
References:  <20060807003815.C7522@ganymede.hub.org> <20060808102819.GB64879@augusta.de> <20060808153921.V7522@ganymede.hub.org>	<44D8EC98.8020801@utdallas.edu> <20060808201359.S7522@ganymede.hub.org> <44D91F02.90107@mawer.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
At 9:32 AM +1000 8/9/06, Antony Mawer wrote:
>
>What if we improved upon this - if instead of storing
>the hostname and IP address, we stored a one-way hash
>of this information? OpenSSH in recent versions takes
>the same approach with its authorized_keys files...

A scattered list of ideas:

It might be useful to keep part of the domain-name
in plain-text.  Just a minimal part, such as '.edu'
or '.co.uk'.  So that would be one value sent/saved.

Then have an MD5 hash of `hostname` (hashing the full
hostname, including full domain), or maybe a hash of
the output from: hostname ; ifconfig | grep ether

Eg:   hostname ; ifconfig | grep ether
       freefour.acs.rpi.edu
               ether 00:09:5b:01:02:03
               ether 00:11:09:09:08:07
(this machine has two ethernet cards in it, and no,
those are not the real MAC addresses of the cards... :-)

==>   (hostname ; ifconfig | grep ether) | md5
       0670be39b40dc52d996e1a6dcee6cca7

Maybe combine that with the partial-domain, to get
       0670be39b40dc52d996e1a6dcee6cca7.edu

Further, whatever value you decide to use to create a
unique value, you could just save that value away in
some file under /var/db .  If the file does not exist,
then create it and store the probably-unique value.
That way you can pick some algorithm which should
produce a unique result, and not worry if the value
of that algorithm might change (on a single machine)
over time.  You'll only calculate it once, and then
keep using that result.

-- 
Garance Alistair Drosehn     =               drosehn@rpi.edu
Senior Systems Programmer               or   gad@FreeBSD.org
Rensselaer Polytechnic Institute;             Troy, NY;  USA

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p06230912c0ffe4100c7c>