Date: Thu, 20 Mar 2014 19:05:41 +0000 (UTC)
From: Dru Lavigne <dru@FreeBSD.org>
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r44302 - head/en_US.ISO8859-1/books/handbook/security
Message-ID: <201403201905.s2KJ5fDk075628@svn.freebsd.org>
Author: dru Date: Thu Mar 20 19:05:40 2014 New Revision: 44302 URL: http://svnweb.freebsd.org/changeset/doc/44302 Log: Editorial review of first 1/2 of OPIE chapter. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/security/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Mar 20 17:14:40 2014 (r44301) +++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml Thu Mar 20 19:05:40 2014 (r44302) 
@@ -620,75 +620,72 @@ Enter new password:</programlisting> </indexterm> <para>By default, &os; includes support for One-time Passwords In - Everything (<acronym>OPIE</acronym>), which uses the MD5 hash by + Everything (<acronym>OPIE</acronym>). <acronym>OPIE</acronym> + is designed to prevent replay attacks, in which an attacker + discovers a user's password and uses it to access a system. + Since a password is only used once in <acronym>OPIE</acronym>, a + discovered password is of little use to an attacker. + <acronym>OPIE</acronym> uses a secure hash and a + challenge/response system to manage passwords. The &os; + implementation uses the <acronym>MD5</acronym> hash by default.</para> - <para>There are three different types of passwords. The first is - the usual &unix; style or Kerberos password. The second is the - one-time password which is generated by &man.opiekey.1; and - accepted by &man.opiepasswd.1; and the login prompt. The final - type of password is the <quote>secret password</quote> used by - &man.opiekey.1;, and sometimes &man.opiepasswd.1;, to generate - one-time passwords.</para> - - <para>The secret password has nothing to do with the &unix; - password. They can be the same, but this is not recommended. - <acronym>OPIE</acronym> secret passwords are not limited to 8 - characters like old &unix; passwords<footnote><para>Under &os; - the standard login password may be up to 128 characters in - length.</para></footnote>. Passwords of six or seven word - long phrases are fairly common. For the most part, the - <acronym>OPIE</acronym> system operates completely independently - of the &unix; password system.</para> + <para><acronym>OPIE</acronym> uses three different types of passwords. The first is + the usual &unix; or Kerberos password. The second is the + one-time password which is generated by <command>opiekey</command>. + The third + type of password is the <quote>secret password</quote> which is used + to generate + one-time passwords. 
The secret password has nothing to do with, + and should be different from, the &unix; + password.</para> - <para>Besides the password, there are two other pieces of data + <para>There are two other pieces of data that are important to <acronym>OPIE</acronym>. One is the <quote>seed</quote> or <quote>key</quote>, consisting of two letters and five digits. The other is the <quote>iteration count</quote>, a number between 1 and 100. <acronym>OPIE</acronym> creates the one-time password by - concatenating the seed and the secret password, applying the MD5 + concatenating the seed and the secret password, applying the <acronym>MD5</acronym> hash as many times as specified by the iteration count, and - turning the result into six short English words. These six - English words are the one-time password. The authentication - system (primarily PAM) keeps track of the last one-time password + turning the result into six short English words which represent + the one-time password. The authentication + system keeps track of the last one-time password used, and the user is authenticated if the hash of the user-provided password is equal to the previous password. Because a one-way hash is used, it is impossible to generate future one-time passwords if a successfully used password is captured. The iteration count is decremented after each successful login to keep the user and the login program in sync. - When the iteration count gets down to 1, + When the iteration count gets down to <literal>1</literal>, <acronym>OPIE</acronym> must be reinitialized.</para> <para>There are a few programs involved in this process. - &man.opiekey.1; accepts an iteration count, a seed, and a secret - password, and generates a one-time password or a consecutive - list of one-time passwords. In addition to initializing + A one-time password, or a consecutive + list of one-time passwords, is generated by passing an iteration + count, a seed, and a secret + password to &man.opiekey.1;. 
In addition to initializing <acronym>OPIE</acronym>, &man.opiepasswd.1; is used to change - passwords, iteration counts, or seeds. It takes either a secret - passphrase, or an iteration count, seed, and a one-time - password. The relevant credential files in + passwords, iteration counts, or seeds. The relevant credential files in <filename>/etc/opiekeys</filename> are examined by &man.opieinfo.1; which prints out the invoking user's current iteration count and seed.</para> - <para>There are four different sorts of operations. The first is - to use &man.opiepasswd.1; over a secure connection to set up - one-time-passwords for the first time, or to change the password - or seed. The second operation is to use &man.opiepasswd.1; over - an insecure connection, in conjunction with &man.opiekey.1; over - a secure connection, to do the same. The third is to use - &man.opiekey.1; to log in over an insecure connection. The - fourth is to use &man.opiekey.1; to generate a number of keys - which can be written down or printed out to carry to insecure - locations in order to make a connection to anywhere.</para> + <para>This section describes four different sorts of operations. The first is + how to set up + one-time-passwords for the first time + over a secure connection. The second is how to use <command>opiepasswd</command> over + an insecure connection. The third is how to + log in over an insecure connection. The + fourth is how to generate a number of keys + which can be written down or printed out to use at insecure + locations.</para> <sect2> - <title>Secure Connection Initialization</title> + <title>Initializing <acronym>OPIE</acronym></title> <para>To initialize <acronym>OPIE</acronym> for the first time, - execute &man.opiepasswd.1;:</para> + run this command from a secure location:</para> <screen>&prompt.user; <userinput>opiepasswd -c</userinput> [grimreaper] ~ $ opiepasswd -f -c 
@@ -703,25 +700,38 @@ Again new secret pass phrase: ID unfurl OTP key is 499 to4268 MOS MALL GOAT ARM AVID COED</screen> - <para>At the <prompt>Enter new secret pass phrase:</prompt> or - <prompt>Enter secret password:</prompt> prompt, enter a - password or phrase. This is not the login password as this - password is used to generate the one-time login keys. The - <quote>ID</quote> line gives the parameters of the instance: - the login name, iteration count, and seed. When logging in, + <para>The <option>-c</option> sets console mode which assumes + that the command is being run from a secure location, such as + a computer under the user's control or a + <acronym>SSH</acronym> session to a computer under the user's + control.</para> + + <para>When prompted, enter the secret + password which will be + used to generate the one-time login keys. This password + should be difficult to guess and should be different than the + password which is associated with the user's login + account. It must be between 10 and 127 characters long. + Remember this password.</para> + + <para>The + <literal>ID</literal> line lists + the login name (<literal>unfurl</literal>), default iteration count + (<literal>499</literal>), and default seed + (<literal>to4268</literal>). When logging in, the system will remember these parameters and display them, meaning that they do not have to be memorized. The last line - gives the particular one-time password which corresponds to + lists the generated one-time password which corresponds to those parameters and the secret password. At the next login, - this one-time password is the one to use.</para> + use this one-time password.</para> </sect2> <sect2> <title>Insecure Connection Initialization</title> - <para>To initialize or change the secret password over an - insecure connection, a secure connection is needed to some - place where &man.opiekey.1; can be run. 
This might be a shell + <para>To initialize or change the secret password on an + insecure system, a secure connection is needed to some + place where <command>opiekey</command> can be run. This might be a shell prompt on a trusted machine. An iteration count is needed, where 100 is probably a good value, and the seed can either be specified or the randomly-generated one used. On the insecure
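Review bot: In the first hunk (@@ -620), the new sentence defining a replay attack is imprecise: "an attacker discovers a user's password and uses it to access a system" describes password theft in general, whereas a replay attack specifically reuses authentication data captured in transit, which is the case a one-time password actually defends against. Suggest "in which an attacker captures a password as it is transmitted and later reuses it to access a system". Two consistency points in the same hunk: the new three-types paragraph introduces <command>opiekey</command> while &man.opiekey.1; and &man.opiepasswd.1; still appear later in the hunk, so the first mention should carry the man page entity and later mentions <command>; and "one-time-passwords for the first time" in the four-operations paragraph should be "one-time passwords" to match the rest of the section.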
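Review bot: In the second hunk (@@ -703), "The <option>-c</option> sets console mode" is missing a noun (suggest "Using <option>-c</option> sets console mode" or "The <option>-c</option> option sets console mode"), and the <screen> example just above this hunk runs <userinput>opiepasswd -c</userinput> followed by "opiepasswd -f -c" while the new prose explains only <option>-c</option>; either drop <option>-f</option> from the captured output or add a sentence saying what it does. Minor grammar in the same paragraphs: "a <acronym>SSH</acronym> session" should be "an <acronym>SSH</acronym> session", and "different than the password" should be "different from the password".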