From: Garrett Cooper
Date: Mon, 8 Jan 2007 10:56:50 -0800
To: freebsd-questions@freebsd.org
Subject: Re: pwgen's seeding looks insecure
In-Reply-To: <20070108183645.GF41724@dan.emsphone.com>
References: <20070108175314.27ce391f@gumby.homeunix.com> <20070108183645.GF41724@dan.emsphone.com>

On Jan 8, 2007, at 10:36 AM, Dan Nelson wrote:

> In the last episode (Jan 08), RW said:
>> Someone recently recommended sysutils/pwgen for generating user
>> passwords. Out of curiosity I had a look at how it works, and I
>> don't like the look of its PRNG initialization:
>>
>>
>> #ifdef RAND48
>>   srand48((time(0)<<9) ^ (getpgrp()<<15) ^ (getpid()) ^ (time(0)>>11));
>> #else
>>   srand(time(0) ^ (getpgrp() << 8) + getpid());
>> #endif
>>
>> If pwgen is called from an account creation script, time(0) can be
>> inferred from timestamps, e.g. on a home-directory, so that just leaves
>> getpid() and getpgrp(). PIDs are allocated sequentially and globally,
>> so getpid() is highly predictable. I don't know much about getpgrp(),
>> but from the manpage it doesn't appear to be any better.
>
> Even better: make RANDOM() call random() instead of rand(), and
> initialize the rng with srandomdev().
>
> Another random password generator is in security/apg, and that one
> already uses /dev/random as a seed.
>
> --
> Dan Nelson
> dnelson@allantgroup.com

Not all architectures support random number generation though IIRC and
random number generation can be removed from the kernel, so I think
that the dev was playing it safe by using another, less random seed
source than /dev/random or /dev/urandom.

-Garrett
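
An added example, not part of the thread and not pwgen's code: it measures how many distinct seeds the quoted non-RAND48 expression can produce once the second is known, and shows a seeding routine that prefers the random device and flags the time/PID fallback Garrett describes. The function names, the `pid_max` bound and the device path argument are assumptions made for illustration.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <unistd.h>

/* Non-RAND48 seed from the quoted pwgen code. C parses a ^ b + c as
 * a ^ (b + c); the parentheses only make that explicit. */
static uint32_t legacy_seed(time_t t, pid_t pgrp, pid_t pid) {
    return (uint32_t)t ^ (((uint32_t)pgrp << 8) + (uint32_t)pid);
}

/* Distinct seeds for a known second t with pid, pgrp in 1..pid_max (assumed bound). */
static long count_legacy_seeds(time_t t, uint32_t pid_max) {
    unsigned char *seen = calloc((size_t)257 * pid_max + 1, 1);
    long n = 0;
    if (seen == NULL) return -1;               /* out of memory */
    for (uint32_t g = 1; g <= pid_max; g++)
        for (uint32_t p = 1; p <= pid_max; p++) {
            /* XOR with the known time is a bijection, so undo it to index */
            uint32_t mix = legacy_seed(t, (pid_t)g, (pid_t)p) ^ (uint32_t)t;
            if (!seen[mix]) { seen[mix] = 1; n++; }
        }
    free(seen);
    return n;
}

/* Fill *seed from a kernel random device; 0 on success, -1 if unavailable. */
static int device_seed(const char *path, uint32_t *seed) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t got = read(fd, seed, sizeof *seed);
    close(fd);
    return got == (ssize_t)sizeof *seed ? 0 : -1;
}

/* Prefer the device; use the legacy seed only when the device is missing.
 * *weak is set so the caller can warn or refuse to issue passwords. */
static uint32_t choose_seed(const char *path, int *weak) {
    uint32_t seed = 0;
    *weak = device_seed(path, &seed) != 0;
    return *weak ? legacy_seed(time(NULL), getpgrp(), getpid()) : seed;
}

int main(void) {
    int weak;
    srand(choose_seed("/dev/urandom", &weak));
    printf("weak=%d distinct=%ld\n", weak, count_legacy_seeds(time(NULL), 1000));
}
```

With both IDs bounded by 1000, the million (pgrp, pid) pairs collapse to 256,744 distinct seeds per second of timestamp uncertainty, which is under 18 bits. A device-filled `srand()` seed is still limited to 32 bits, whereas `srandomdev()`, which Dan suggests, initializes the whole `random()` state array from the random device.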