PHK's MD5 might not be slow enough anymore

Matthew Dillon dillon at apollo.backplane.com
Wed Feb 3 18:14:40 UTC 2010


:If you're serious about strong authentication, use time-synchronized OTP
:tokens.  Oh wait, you can't, because you need PAM and ChallengeResponse
:to mediate between the user and the backend, which usually acts like a
:Radius server.  Too bad.
:
:DES
:-- 
:Dag-Erling Smørgrav - des at des.no

    The default PAM setting in OpenSSH is 0.  Line 138 servconf.c
    in openssh-5.3p1 (that's the portable version).  The default comment
    in sshd_config in openssh-5.3.p1 from ftp.openssh.com is conducive
    to the state of the code, which is the reverse of what FreeBSD has done.
    I didn't bother to go check earlier releases to see if it was different
    in the past, but that seems to be the current state.

    Frankly I'm a bit surprised that you are even trying to defend the
    FreeBSD changes.  They are clearly less secure.  All you had to do
    was adjust the default sshd_config.  PAM is black-magic for most users;
    the last thing you want to do is suggest that the general user base
    make changes to PAM configuration files versus the far more user
    friendly sshd_config.

    The vast majority of BSD users don't need PAM's capabilities when it
    comes to ssh.  Having it disabled by default is more appropriate.
    For that matter, your suggestion that all users use some esoteric
    feature and mess with PAM configuration files as a solution instead
    of changing the far more user-friendly sshd_config is just bad advice
    to users.  It seems to me that you are setting defaults for the
    convenience of a minority of people when they should be set for the
    convenience of the majority.

    And if you are really going to insist on changing the option around
    the least you could have done was uncomment the related options and
    set them to a definitive 'no' value (that would be ChallengeResponse
    at the very least) when you made the other changes.

    The whole point of my original posting was to provide an alternative
    to users concerned with password attacks on ssh and you basically
    turned it into a personal attack.  You need to grow up.

    --

    In any case, I think Mr Barton's posting was excellent.  We already
    ship with PasswordAuthentication set to 'no' and, of course, PAM is
    disabled by default, but I am going to make further adjustments to
    our sshd_config based on Doug's suggestions plus I will also
    uncomment ChallengeResponseAuthentication and set that to 'no' too
    as a further safety measure.

    The plain fact of the matter is that allowing short user passwords
    over-the-wire for a shell login, whether in the clear or tunneled,
    can no longer be considered a reasonable default in this day and age.

					-Matt
					Matthew Dillon 
					<dillon at backplane.com>
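Added example (not part of the original post or of OpenSSH): a small Python checker that reads an sshd_config the way sshd does for the three keywords discussed above (first occurrence of a keyword wins, keywords are case-insensitive, whole-line comments ignored, Match blocks not modelled) and reports which password/PAM paths remain open. The assumed defaults are portable OpenSSH's, with UsePAM defaulting to "no" as the post states; the two sample configs are constructed.

```python
import re

# Assumed effective defaults when a keyword is absent or commented out
# (portable OpenSSH; the post notes UsePAM defaults to "no" there).
DEFAULTS = {
    "passwordauthentication": "yes",
    "challengeresponseauthentication": "yes",
    "usepam": "no",
}
# A value of "yes" for any of these leaves an interactive password or
# PAM path reachable by a remote client.
WEAK_VALUE = "yes"


def effective_settings(config_text):
    """Resolve the effective value of each tracked keyword.

    Mirrors sshd_config semantics for these keywords: lines starting with
    '#' and blank lines are ignored, keywords are case-insensitive, the
    keyword and value may be separated by whitespace or '=', and the FIRST
    occurrence wins. Parsing stops at a 'Match' block (not modelled here).
    """
    settings = dict(DEFAULTS)
    seen = set()
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        if key == "match":
            break
        if key in settings and key not in seen and len(parts) == 2:
            settings[key] = parts[1].strip().strip('"').lower()
            seen.add(key)
    return settings


def weak_password_paths(config_text):
    """Return the tracked keywords whose effective value is still 'yes'."""
    eff = effective_settings(config_text)
    return sorted(k for k, v in eff.items() if v == WEAK_VALUE)


# Constructed stock-looking file: everything commented, so defaults apply.
STOCK_CONFIG = "#PasswordAuthentication yes\n#ChallengeResponseAuthentication yes\n#UsePAM no\n"
# Constructed hardened file as the post describes; the trailing duplicate
# is ignored because the first occurrence above it wins.
HARDENED_CONFIG = ("PasswordAuthentication no\nChallengeResponseAuthentication no\n"
                   "UsePAM no\nPubkeyAuthentication yes\nPasswordAuthentication yes\n")

if __name__ == "__main__":
    print("stock:   ", weak_password_paths(STOCK_CONFIG))
    print("hardened:", weak_password_paths(HARDENED_CONFIG))
```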

