 From:  "Quark AV - Hilton Travis" <Hilton at QuarkAV dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] PPPoE password encryption
 Date:  Sat, 5 Jun 2004 09:26:13 +1000
Hi Manuel,

> -----Original Message-----
> From: Manuel Kasper [mailto:mk at neon1 dot net] 
> Sent: Saturday, 5 June 2004 05:12
> To: Jay Custin
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] PPPoE password encryption
> On 04.06.2004 14:54 -0400, Jay Custin wrote:
> > Just an idle question...
> > 
> > Is there a reason the PPPoE password is NOT encrypted on the webGUI 
> > nor in the XML configuration file?  Just seems a bit odd.
> MPD needs the password in plaintext form for CHAP 
> authentication, and therefore we cannot one-way-encrypt it 
> (unlike the system password).
> We could encrypt it somehow, of course, but anybody with a 
> passing understanding of PHP could just look at the m0n0wall 
> source code and figure out how it's done. I abhor security by 
> obscurity, so I'd rather have the password stored in 
> plaintext in the config to make it clear that it's something 
> worth protecting than giving the user a false impression of security.

If only there was a way in BSD (and Linux, for that matter) to have PPP
passwords stored and processed after encryption...  It seems that the
authors of the ppp apps don't agree.  Oh well, that's life.  :)

> Oh, and as for the reason why the webGUI input field is not 
> defined as a password field: I wanted to minimize a possible 
> cause of failure (mistyping the PPP password) without 
> inconveniencing the user by making him/her enter it twice 
> (some DSL providers like to assign excessively long 
> passwords). It would protect against the "looking over your 
> shoulder" kind of prying eyes, but I felt that the benefits 
> outweigh that disadvantage.

If it's in plaintext in the config, then plaintext in the WebGUI also makes
sense.  If it is shown as "***" in the WebGUI, then this could give people
the false sense of security that it is also encrypted in the config file -
which it isn't and cannot be.  I'd rather have it in plain text - easier to
confirm - as you suggested.

Hilton Travis                        Phone: +61-(0)7-3343-3889
Manager,                             Mobile: +61 (0)419 792 394
Quark IT                             http://www.QuarkIT.com.au/
Quark AudioVisual                    http://www.QuarkAV.net/
(Brisbane, Australia)
 Network Administration, SmoothWall Firewalls, NOD32 AntiVirus
Non Linear Video Editing Solutions & Digital Audio Workstations
  Conference and Seminar AudioVisual Production and Recording
 War doesn't determine who is right. War determines who is left.
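The point Manuel makes above (that CHAP needs the cleartext secret, so the PPP password cannot be stored one-way-hashed the way the system password is) can be shown with the CHAP arithmetic itself. The following is an added illustration written for this archive page; it is not code from the thread, from m0n0wall or from mpd. It implements the MD5 variant of CHAP from RFC 1994 (Response = MD5(Identifier || Secret || Challenge)) and contrasts an authenticator that holds the cleartext secret with one that holds only a one-way hash of it. All function names and the sample secret, challenge and identifier are constructed for the example.

```python
import hashlib
import secrets

# RFC 1994 CHAP (MD5 algorithm): Response = MD5(Identifier || Secret || Challenge).
# Producing the response (peer side, e.g. a PPPoE client on a firewall) and checking
# it (authenticator side, e.g. the ISP's access concentrator) both require the
# cleartext secret as input to the hash, which is why it has to be recoverable.


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Peer side: compute the CHAP Response value from the cleartext secret."""
    if not 0 <= identifier <= 255:
        raise ValueError("CHAP Identifier is a single octet")
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def authenticator_verify(identifier: int, stored_secret: bytes,
                         challenge: bytes, response: bytes) -> bool:
    """Authenticator side with the cleartext secret on file: recompute the
    expected response and compare it in constant time."""
    expected = chap_response(identifier, stored_secret, challenge)
    return secrets.compare_digest(expected, response)


def authenticator_verify_from_hash(identifier: int, stored_hash: bytes,
                                   challenge: bytes, response: bytes) -> bool:
    """Authenticator side that only holds a one-way hash of the secret.
    The hash cannot be turned back into the secret, so the best it can do is
    feed the hash itself into MD5, which is not what the honest peer mixed in.
    A correct peer therefore fails the check: one-way storage breaks CHAP."""
    expected = hashlib.md5(bytes([identifier]) + stored_hash + challenge).digest()
    return secrets.compare_digest(expected, response)


# Constructed sample values (hypothetical; not taken from the original thread).
PPP_SECRET = b"example-dsl-password-not-real"
CHALLENGE = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
IDENTIFIER = 0x2A


def demo() -> dict:
    """Run one CHAP exchange three ways and report which verifications succeed."""
    response = chap_response(IDENTIFIER, PPP_SECRET, CHALLENGE)
    return {
        # Cleartext secret on file: the authenticator reproduces the response.
        "plaintext_store_ok": authenticator_verify(
            IDENTIFIER, PPP_SECRET, CHALLENGE, response),
        # Only a one-way hash on file: the honest peer is rejected.
        "hashed_store_ok": authenticator_verify_from_hash(
            IDENTIFIER, hashlib.sha256(PPP_SECRET).digest(), CHALLENGE, response),
        # A response captured earlier does not match a fresh challenge: the
        # challenge is the nonce that makes CHAP resistant to simple replay.
        "replay_ok": authenticator_verify(
            IDENTIFIER, PPP_SECRET, bytes(16), response),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The useful contrast for a reader of this thread is the second result: with the password stored as a digest (the way the system password can be), the CHAP check fails for a legitimate peer, so the only storage options left are cleartext or reversible encryption with a key the same box must hold, which is the "security by obscurity" Manuel declines.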