 From:  Claude Morin <klodefactor at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] feature request (hidden and encrypted passwords/pre-shared keys)
 Date:  Thu, 5 May 2005 18:48:58 -0400
[Sorry to resurrect this, but I have a kooky idea. I have no illusions about 
implementing it, it's more intended to nail down my understanding of this 
issue.]

Is it possible that the problem with this discussion is that everyone 
assumes some sort of fixed obfuscation algorithm in the m0n0wall sources? 
Instead, couldn't an installed m0n0wall store a secret key that is not 
included in the config.xml file? The secret would be set from the physical 
console menu, and stored elsewhere in the installed m0n0wall image.

Whenever DynDNS or PPP or anything else needs a password, the local secret 
key would be used to decrypt (in memory only) the appropriate config.xml entry.

As I said, it's a kooky idea and probably breaks a bunch of design goals, 
but would it work?

-klode
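
The scheme sketched above, as an added illustration that is not m0n0wall code and not part of the original thread: a device-local key (assumed to live in a file outside config.xml) seals the PPPoE password and IPsec PSK so the exported config.xml carries only ciphertext, and a consumer unseals them in memory at runtime. The config layout, element paths and the HMAC-SHA256 based cipher are constructed for the example; note the limit Chris raises below, that anyone holding the installed image holds the key as well, so this only protects copies of config.xml taken off the box.

```python
import base64, hashlib, hmac, os
import xml.etree.ElementTree as ET

# Constructed sample config in the spirit of config.xml (not the real m0n0wall schema).
SAMPLE_CONFIG = ("<m0n0wall><pppoe><username>user@isp</username>"
                 "<password>hunter2</password></pppoe>"
                 "<ipsec><psk>swordfish</psk></ipsec></m0n0wall>")
SECRET_PATHS = ["pppoe/password", "ipsec/psk"]  # elements that hold recoverable secrets

def _keystream(key, nonce, length):
    # CTR-style keystream using HMAC-SHA256 as the PRF (illustrative construction,
    # chosen so the example runs on the standard library alone).
    out = b""
    for ctr in range((length + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def seal(key, plaintext):
    """Encrypt-then-MAC one secret; token = 'enc:' + base64(nonce || ciphertext || tag)."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext.encode(), _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return "enc:" + base64.b64encode(nonce + ct + tag).decode()

def unseal(key, token):
    """Return the plaintext, or raise ValueError if the key is wrong or the entry was altered."""
    raw = base64.b64decode(token[len("enc:"):])
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad device key or corrupted config entry")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode()

def protect_config(xml_text, key, paths=SECRET_PATHS):
    """Replace each secret element's text with a sealed token: what config.xml would store."""
    root = ET.fromstring(xml_text)
    for path in paths:
        el = root.find(path)
        el.text = seal(key, el.text)
    return ET.tostring(root, encoding="unicode")

def read_secret(xml_text, key, path):
    """What a consumer (PPP, DynDNS, ...) does at runtime: decrypt in memory only."""
    return unseal(key, ET.fromstring(xml_text).find(path).text)

if __name__ == "__main__":
    device_key = os.urandom(32)  # would be set from the console and stored outside config.xml
    exported = protect_config(SAMPLE_CONFIG, device_key)
    print(exported)  # no plaintext password or PSK in the exported XML
    print(read_secret(exported, device_key, "pppoe/password"))
```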

On 4/21/05, Chris Buechler <cbuechler at gmail dot com> wrote:
> 
> On 4/21/05, Christoph hanle <christoph dot hanle at leinpfad dot de> wrote:
> > Neil A. Hillard wrote:
> > >>i think it is no good solution, that in the webgui and the config.xml
> > >>the passwords for PPPoE etc. and the pre-shared-key are always in
> > >>cleartext visible; the admin password is hidden or encrypted
> > >>respectively. Imho this is a big problem with the security.
> > > Try:
> > >
> > > http://www.m0n0.ch/wall/docbook/faq-plaintextpass.html
> > >
> >
> > Thx, I have overlooked this part, but I think it might be possible to
> > encrypt/decrypt these passwords for example against the admin-password.
> > And in the web-gui you can use the "hidden" tag.
> > But I still think this is a big security hole that should be fixed.
> 
> It can't be fixed. Any "fix" would be nothing more than obfuscation.
> Creating a false sense of security is worse than making it clear there
> should be *no* sense of security.
> 
> That FAQ explains why very well.
> 
> -Chris
> 