Date:      Thu, 22 Jun 95 09:45:55 CDT
From:      Brian Gottlieb <brian@arl.wustl.edu>
To:        freebsd-hackers@freebsd.org (FreeBSD hackers), joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
Subject:   Re: PPP password security
Message-ID:  <9506221445.AA08162@beru.wustl.edu>
In-Reply-To: <199506220615.IAA24196@uriah.heep.sax.de>
References:  <199506212159.RAA22871@magic.winnet.net> <199506220615.IAA24196@uriah.heep.sax.de>


J Wunsch <j@uriah.heep.sax.de> (J) writes:

J> As Piero Serini wrote:
>> 
>> > ...  If you cannot
>> > trust root, forget about Unix security.
>> 
>> So if I crack root on a single machine of yours, do I also get
>> all the routers' passwords in your network, and a nice set of
>> .rhosts all around your machines?

J> You will certainly get all the passwords of machines where i need to
J> log in automatically.  You won't get any other password, of course,
J> since i've got the habit of neither writing passwords down anywhere
J> nor storing them anywhere in a computer. :-)

J> The original poster clarified meanwhile that he actually intended to
J> enter the encryption key manually each time (but hmm, why doesn't he
J> enter the password manually then each time? :), but anything you
J> wanna have done automatically suffers from the above problem.

Well, I suppose I should step in and let everyone know my current
idea.  To restate the problem for clarity, I was concerned about
leaving a login script in plain-text.  The script would be compromising
my password into my ISP's machine (since it uses it to log in).  My
solution to this was to manually enter the login script after running
the ppp program.  Ideally, I would only need to run it after a reboot,
so it would be a minor inconvenience.

But then there is the problem of the ppp.security file having a
plain-text password in it.  This was where I wanted to have it use a
stored encrypted password.  If it had that, then it could go a step
further and have the login script encrypted in the ppp.conf file and
have the key be the plain-text password (that it would get when I
connected to it and authenticated the first time).  But seeing as how
that still doesn't get away from any interaction on my part, it would
be just as easy to enter the script then, too.

So now I am thinking of adding a "set passwd" command to the program.
So the first time I run it (with -auto), then connect, I set the login
script, and set the password.  On subsequent connections, it will use
that password instead of going to the ppp.secret file.  To me, this is
more secure, since the password doesn't appear anywhere except in
memory, and I can change it on a whim.

For now, however, I have done as J"org suggested for convenience.

brian
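
Added example, not part of the message above or of the ppp program's source: a C sketch of the "set passwd" idea, where a password set at run time overrides the one read from the secrets file and exists only in process memory. All function names are hypothetical; the sketch also disables core dumps and tries to lock the buffer out of swap, since those are the usual ways an in-memory secret ends up on disk.

```c
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>

#define PW_MAX 128

static char session_pw[PW_MAX];   /* the only copy; never written to a file */
static int  session_pw_set = 0;

/* Overwrite through a volatile pointer so the compiler cannot drop the wipe. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Keep the secret out of core dumps and, best effort, out of swap. */
int harden_process(void) {
    struct rlimit no_core = {0, 0};
    int rc = setrlimit(RLIMIT_CORE, &no_core);
    (void)mlock(session_pw, sizeof session_pw);  /* may fail without privilege */
    return rc;
}

/* Hypothetical handler for "set passwd <value>": replace the in-memory secret. */
int set_passwd(const char *value) {
    size_t n = strlen(value);
    if (n == 0 || n >= PW_MAX) return -1;        /* reject empty or oversized */
    wipe(session_pw, sizeof session_pw);         /* no remnants of the old one */
    memcpy(session_pw, value, n + 1);
    session_pw_set = 1;
    return 0;
}

/* Forget the secret, e.g. on exit or when the operator changes it. */
void clear_passwd(void) {
    wipe(session_pw, sizeof session_pw);
    session_pw_set = 0;
}

/* Password for the next connection: the session value if set, else the file's. */
const char *auth_passwd(const char *from_secret_file) {
    return session_pw_set ? session_pw : from_secret_file;
}

int main(void) {
    harden_process();
    set_passwd("constructed-example-pw");        /* constructed sample value */
    printf("using %s password\n", session_pw_set ? "in-memory" : "file");
    clear_passwd();
    return 0;
}
```

Anyone who can attach a debugger to the process or read its memory as root still sees the password, which is the limit the quoted "trust root" remark points at.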





