Date: Sun, 18 Mar 2001 07:32:31 -0800 From: Nick Sayer <nsayer@quack.kfu.com> To: Matthew Emmerton <matt@gsicomp.on.ca> Cc: Juha Saarinen <juha@saarinen.org>, Matt of the Long Red Hair <mattp@conundrum.com>, freebsd-stable@FreeBSD.ORG Subject: Re: What about SRP auth for telnet and ftp? [was Re: SRA auth ] Message-ID: <3AB4D50F.1060704@quack.kfu.com> References: <LNBBIBDBFFCDPLBLLLHFAEENJHAA.juha@saarinen.org> <006e01c0af4b$b0f6dbb0$1200a8c0@gsicomp.on.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Emmerton wrote: >> Oh I see... it's the Secure RPC Authentication thingy. >> ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/sra/sra.README > > > I've been working with Stanford's SRP stuff lately, and have had the passing > thought of adding support for it to the stock ftp and telnet daemons that > FreeBSD ships with. (Mainly because I was quite annoyed at the number of > things I had to fix with the telnetd that ships with the SRP distribution.) > > You can read more about SRP at http://www-cs-students.stanford.edu/~tjw/srp, > or in RFC 2945. > > Would anyone be interested in seeing SRP functionality added? I was considering doing this after the dust settled from the SRA import. At the time I realized that SRA was quite dated. It's not insecure per se (considering the alternative is plaintext), but the size of the constants in the DH are quite small and there is no mechanism for negotiating alternatives. In any event the weak link would end up being the fact that DES is what's actually used to exchange the authentication data. The only way to fix these flaws would be to break interoperability with existing SRA implementations. SSH already existed by then, but was not in the tree. My motivation was that if someone did a remote installation of some sort, their first post-install contact would have to be in plaintext -- someone sniffing could watch them log in, su to root, add an ssh package and log out. After that sessions would be protected, but the root password would have already been exposed once. SRA at least would require the sniffer to run a DES crack on the captured session. But then openssh was imported and the wind sort of left my sails. With ssh FreeBSD has a much more secure remote access facility installed by default. The only possible reason to revisit telnet would be if it was desired for interoperability. So far as I know no other distribution of *nix ships with SRP functionality, so that argument doesn't hold much water. But I suppose we could buck the trend of abandoning telnet in favor of ssh. The nice thing about patching telnet to add authentication types is that the actual patching is fairly limited -- the code just sort of lays alongside the rest in libtelnet. But if you're going to bother, the first thing you should do is add some better session encryption. All that's available right now are variations of single DES. The same variations of triple DES should be added and probably prefered. I once added support for using IDEA as an encryption type before I found out about the patent issues. In theory I could dig up those patches as an illustrative aid for adding additional enc types if it's not already fairly obvious how one does it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AB4D50F.1060704>