From owner-freebsd-questions@FreeBSD.ORG Mon Jan 8 18:36:48 2007
Date: Mon, 8 Jan 2007 12:36:45 -0600
From: Dan Nelson
To: RW
Cc: questions@freebsd.org, oddbjorn@tricknology.org
Subject: Re: pwgen's seeding looks insecure
Message-ID: <20070108183645.GF41724@dan.emsphone.com>
In-Reply-To: <20070108175314.27ce391f@gumby.homeunix.com>
X-OS: FreeBSD 6.2-PRERELEASE
User-Agent: Mutt/1.5.13 (2006-08-11)

In the last episode (Jan 08), RW said:
> Someone recently recommended sysutils/pwgen for generating user
> passwords. Out of curiosity I had a look at how it works, and I
> don't like the look of its PRNG initialization:
>
> #ifdef RAND48
> srand48((time(0)<<9) ^ (getpgrp()<<15) ^ (getpid()) ^ (time(0)>>11));
> #else
> srand(time(0) ^ (getpgrp() << 8) + getpid());
> #endif
>
> If pwgen is called from an account creation script, time(0) can be
> inferred from timestamps, e.g. on a home-directory, so that just leaves
> getpid() and getpgrp(). PIDs are allocated sequentially and globally,
> so getpid() is highly predictable. I don't know much about getpgrp(),
> but from the manpage it doesn't appear to be any better.

Even better: make RANDOM() call random() instead of rand(), and
initialize the rng with srandomdev().

Another random password generator is in security/apg, and that one
already uses /dev/random as a seed.

-- 
	Dan Nelson
	dnelson@allantgroup.com
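For comparison with the time/pid seeding RW quotes, here is the approach Dan and apg point at, taken one step further: an added example (not code from pwgen, apg or anyone in this thread) that skips the seeded PRNG entirely and draws every password character from the kernel CSPRNG, with rejection sampling so no character is favoured. It assumes /dev/urandom exists (on FreeBSD /dev/random serves the same purpose) and a 62-character alphabet; the names fill_random and gen_password are the example's own.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Password alphabet assumed for this example: 62 symbols. */
static const char ALPHABET[] =
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

/* Fill buf with n bytes from the kernel CSPRNG (/dev/urandom assumed).
 * There is no seed in user space, so nothing for timestamps or PIDs
 * to reveal. Returns 0 on success, -1 on failure. */
int fill_random(unsigned char *buf, size_t n)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(buf, 1, n, f);
    fclose(f);
    return got == n ? 0 : -1;
}

/* Write a len-character password plus NUL into out (len + 1 bytes).
 * Bytes >= 248 are rejected so that "byte % 62" is uniform; plain
 * modulo over all 256 values would favour the first 8 symbols.
 * Returns 0 on success, -1 if the CSPRNG could not be read. */
int gen_password(char *out, size_t len)
{
    const size_t alpha = sizeof(ALPHABET) - 1;   /* 62 symbols */
    const unsigned limit = 256 - (256 % alpha);  /* 248 */
    unsigned char pool[64];
    size_t used = sizeof(pool), i = 0;
    while (i < len) {
        if (used == sizeof(pool)) {              /* pool exhausted: refill */
            if (fill_random(pool, sizeof(pool)) != 0)
                return -1;
            used = 0;
        }
        unsigned char b = pool[used++];
        if (b >= limit)
            continue;                            /* biased tail: draw again */
        out[i++] = ALPHABET[b % alpha];
    }
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char pw[17];
    if (gen_password(pw, 16) == 0)
        printf("%s\n", pw);
    return 0;
}
```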