From: John-Mark Gurney
To: Allan Jude
Date: Fri, 7 Mar 2014 15:07:16 -0800
Subject: Re: Feature Proposal: Transparent upgrade of crypt() algorithms
Message-ID: <20140307230715.GA17019@funkthat.com>
In-Reply-To: <531A4DE1.3070507@allanjude.com>
Cc: nanoman@nanoman.ca, freebsd-current@freebsd.org, d@delphij.net, secteam@freebsd.org, Dag-Erling Smørgrav

Allan Jude wrote this message on Fri, Mar 07, 2014 at 17:53 -0500:
> On 2014-03-07 17:06, Xin Li wrote:
> > Hi,
> >
> > On 03/07/14 13:52, A.J. Kehoe IV (Nanoman) wrote:
> >> Allan Jude wrote:
> >>> On 2014-03-07 11:13, A.J. Kehoe IV (Nanoman) wrote:
> >>>> Allan Jude wrote:
> >>>>
> >>>> [...]
> >>>>
> >>>>> Honestly, my use case is just silently upgrading the strength
> >>>>> of the hashing algorithm (when combined with my other feature
> >>>>> request). Updating my bcrypt hashes from $2a$04$ to $2b$12$
> >>>>> or something. Same applies for the default sha512, maybe I
> >>>>> want to update to rounds=15000
> >>>>
> >>>> Like this?
> >>>>
> >>>> http://www.freebsd.org/cgi/query-pr.cgi?pr=182518
> >>>>
> >>>> Request for comments:
> >>>>
> >>>> http://docs.freebsd.org/cgi/mid.cgi?20140106205156.GD4903
> >>>>
> >>>
> >>> This looks like what we wanted. In the feedback you talked about
> >>> some changes to your patch required to make it work, is there any
> >>> progress on those?
> >
> >> Derek's patches worked perfectly for our needs, but we're the sort
> >> of people who use vipw and our own utilities for user management.
> >> It wasn't until later that we discovered at least one other file
> >> would need patching to satisfy everyone. We didn't want to employ
> >> the same copy-pasta method, so we asked for feedback about our
> >> proposed alternative.
> >
> >> secteam@, do you have any comments? Before we put any more work
> >> into this, we want to be sure that our proposal is an acceptable
> >> one.
> >
> >
> > Did you mean adding rounds capability, or transparent upgrade of
> > crypt() algorithms, or both?
>
> There are 2 separate but related threads
>
> 1) specify rounds for crypt()
>
> 2) transparent upgrade of crypt() algo (or more likely just number of
> rounds)

Can't the two be merged... where 2 becomes a flag in login.conf instead
of an algo fetch, and then if it's true, it does the algo fetch from 1?

I really would like us to get 1 in, and then on boot dynamically adjust
the number of rounds depending upon CPU usage... obviously, a flag will
adjust how long/many rounds the admin wants, but it would allow an
automatic increase in security as faster CPUs are used...

Anyways, how many people are still using passwords instead of ssh keys?
Setting the time to be something like 100ms may seem long, but
considering few people should be using passwords these days, it's less
of an issue...

Xin Li, if you need help reviewing, testing, let me know...

> > I need some time to digest the whole transparent upgrade idea but in
> > general I think it's good.
> >
> > Speaking for adding rounds, the only problem that needs to be fixed is
> > that the proposed patch makes it possible to create conflicting
> > configuration (passwd_format and passwd_modular can use different
> > hashing algorithms) and need to be fixed and polished. I like the
> > idea of making it possible to use more rounds though.

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."
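
The decision at the centre of the transparent-upgrade idea discussed in this thread, as an added example that is not part of the original message or of any FreeBSD patch: after a password has been verified, compare the stored hash's modular crypt prefix with the configured target and report whether it should be rehashed. The names `mcf_parse` and `needs_upgrade`, and passing the target as a prefix string such as `$2b$12$` or `$6$rounds=15000$`, are assumptions made for illustration; all hash strings are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct mcf { char id[8]; long cost; };   /* scheme id and work factor */

/* Parse a modular crypt prefix "$id$[params$]..."; returns 0 on success. */
static int mcf_parse(const char *s, struct mcf *out)
{
    const char *end, *p;
    char *e;
    size_t n;

    if (s == NULL || s[0] != '$' || (end = strchr(s + 1, '$')) == NULL)
        return -1;                 /* traditional DES or malformed */
    n = (size_t)(end - (s + 1));
    if (n == 0 || n >= sizeof(out->id))
        return -1;
    memcpy(out->id, s + 1, n);
    out->id[n] = '\0';
    p = end + 1;
    out->cost = 0;                 /* e.g. $1$ (MD5) has no tunable cost */
    if (out->id[0] == '2') {       /* bcrypt: two-digit log2 cost */
        if (p[0] < '0' || p[0] > '9' || p[1] < '0' || p[1] > '9' || p[2] != '$')
            return -1;
        out->cost = (p[0] - '0') * 10 + (p[1] - '0');
    } else if (!strcmp(out->id, "5") || !strcmp(out->id, "6")) {
        out->cost = 5000;          /* SHA-crypt default without rounds= */
        if (strncmp(p, "rounds=", 7) == 0) {
            out->cost = strtol(p + 7, &e, 10);
            if (e == p + 7 || *e != '$' || out->cost <= 0)
                return -1;
        }
    }
    return 0;
}

/* 1 = rehash after the next successful login, 0 = keep, -1 = bad target. */
int needs_upgrade(const char *stored, const char *target)
{
    struct mcf have, want;

    if (mcf_parse(target, &want) != 0)
        return -1;
    if (mcf_parse(stored, &have) != 0 || strcmp(have.id, want.id) != 0)
        return 1;                  /* legacy/unparseable or different scheme */
    return have.cost < want.cost;
}

int main(void) { printf("%d\n", needs_upgrade("$2a$04$x", "$2b$12$")); return 0; }
```

The rehash itself can only happen at login time, because that is the only moment the cleartext password is available to feed into the stronger setting.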