[17910] in Athena Bugs
Re: sun4 8.3.29: X
daemon@ATHENA.MIT.EDU (Karl Ramm)
Wed Jun 14 15:33:33 2000
To: Greg Hudson <ghudson@MIT.EDU>
Cc: John Hawkinson <jhawk@MIT.EDU>, amu@MIT.EDU (Aaron M. Ucko), bugs@MIT.EDU
From: Karl Ramm <kcr@1ts.org>
Date: 14 Jun 2000 15:33:28 -0400
In-Reply-To: Greg Hudson's message of "Tue, 13 Jun 2000 22:05:13 -0400"
Message-ID: <uusn1konjlj.fsf@ORTHANC.MIT.EDU>
There's this thing called the 'entropy gathering daemon' a.k.a egd.pl that
simulates /dev/random on a machine without one. Also, there is a add on
package that you can get from sun (but which is damnably hard to figure out
the name of from the net) that supplies a /dev/random.
Anyway, given the lack of a /dev/random on suns, can you trust ssh keys
generated on them?
kcr
Greg Hudson <ghudson@MIT.EDU> writes:
> > Is this a problem? Doesn't MIT-MAGIC-COOKIE also restrict
> > connections by ip address, too?
>
> No. Either you restrict connections by IP address or you do it by one
> of the provided security schemes, not both. And there's no way to get
> the X server to only listen on a Unix domain socket. It's a pretty
> sad state of affairs.
>
> As Athena currently has things configured, you at least have to
> connect from 127.0.0.1 or a local interface address, which is probably
> a reasonable barrier to outside attacks. (Unless our machines and X
> servers are vulnerable to a source-routing attack which would make it
> trivial to forge connections from 127.0.0.1... I don't know of a
> sufficiently easy way to test that.) If we went with
> MIT-MAGIC-COOKIE, we would have to worry about the cookie not being
> secret enough to prevent attacks from random parties on the net.
>
> I might consider enabling magic cookie authentication on platforms
> with /dev/random (i.e. Linux, right now, I think). Enabling it on
> Suns with keytabs using the keytab as a random seed might be
> reasonable, but it would expose the keytab if the one-way hash
> function is too weak, so I'm not too keen on that.
