From owner-freebsd-security@FreeBSD.ORG Sun Mar 13 22:31:52 2011
Date: Sun, 13 Mar 2011 22:05:52 +0000
From: RW
To: freebsd-security@freebsd.org
Message-ID: <20110313220552.5b79de13@gumby.homeunix.com>
In-Reply-To: <1300050377.5900.12.camel@w500.local>
Subject: Re: It's not possible to allow non-OPIE logins only from trusted networks
List-Id: "Security issues [members-only posting]"

On Sun, 13 Mar 2011 21:06:17 +0000
Miguel Lopes Santos Ramos wrote:

>
> Mon, 2011-03-14 at 07:40 +1100, Peter Jeremy wrote:
> > On 2011-Mar-10 23:09:07 +0000, Miguel Lopes Santos Ramos
> > wrote:
> > >- The objection on S/KEY on that wiki page, that it's possible to
> > >compute all previous passwords, is a bit odd, since past passwords
> > >won't be used anymore.
> >
> > One weakness of S/KEY and OPIE is that if an attacker finds the
> > password (response) for sequence N then they can trivially determine
> > the response for any sequence > N. This could occur if (eg) you
> > have a printout of OPIE keys and are just crossing them off (which
> > was a common recommendation prior to smart phones etc) - an
> > attacker just needs to memorise the lowest N and response.
>
> Ok, admittedly, it took me a while to see in what way that could be a
> weakness. It's a bit like hoping for a little remaining security after
> the password list was compromised.

It means they can compute keys that they already have on the printout
plus obsolete keys. In what sense is that a weakness?
IIRC there is/was a weakness in FreeBSD's OPIE implementation in that it's susceptible to rainbow table attacks - I think part of the hash is discarded.
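The hash-chain property Peter Jeremy describes above (one known response for sequence N gives every response for sequence > N, while lower sequence numbers stay behind the one-way hash), as an added example that is not part of this thread. It models the S/KEY/OPIE scheme with a plain SHA-256 chain and omits OPIE's folding of the hash to 64 bits; the secret and sequence numbers are constructed.

```python
import hashlib


def chain_step(x: bytes) -> bytes:
    """One step of the one-way chain (simplified: full SHA-256, no 64-bit fold)."""
    return hashlib.sha256(x).digest()


def response(secret: bytes, seq: int) -> bytes:
    """Response for sequence number seq: the hash applied seq times to the secret."""
    x = secret
    for _ in range(seq):
        x = chain_step(x)
    return x


class OtpVerifier:
    """Server side: keeps only the last accepted response and the next sequence number."""

    def __init__(self, secret: bytes, start_seq: int):
        self.seq = start_seq                           # sequence the next login must present
        self.stored = response(secret, start_seq + 1)  # one hash step ahead of the next response

    def login(self, resp: bytes) -> bool:
        # Accept only if hashing the presented response reproduces the stored value.
        if chain_step(resp) != self.stored:
            return False
        self.stored = resp      # store the response just used; it is now the anchor
        self.seq -= 1           # sequence numbers count down towards 0
        return True


def derive_higher_response(known_seq: int, known_resp: bytes, target_seq: int) -> bytes:
    """Given one leaked response, compute the response for a higher sequence number.

    Hashing forward from response(known_seq) yields response(target_seq) for any
    target_seq > known_seq. Going the other way (target_seq < known_seq) would require
    inverting the hash, so it is refused here; that asymmetry is the whole point.
    """
    if target_seq < known_seq:
        raise ValueError("lower sequence numbers are not derivable from a higher one")
    x = known_resp
    for _ in range(target_seq - known_seq):
        x = chain_step(x)
    return x
```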