[Klug-general] password / security question / coding

oly oly at digitaloctave.com
Sat Oct 18 21:54:30 UTC 2008


On Sat, 2008-10-18 at 20:29 +0100, MacGyveR wrote:
> On Saturday 18 Oct 2008, Mike Evans wrote:
> > > obviously storing in plain text is not ideal so looking for the most
> > > secure solution so let me know, i am not a security expert myself so
> > > looking for others opinions / ideas.
> >
> > Putting passwords in plain in a stored file is not only less than ideal
> > it is folly.  Don't ever (and I mean ever) do it.  Even holding them in
> > the memory of a computer in plain should be done for as short a time as
> > possible.  This can be done by decrypting as late as possible, and once
> > used ensuring that the memory used by the variable is overwritten.
> >
> > If possible I would also suggest that connectivity and authentication
> > between a server manager and managed servers should be done using tried
> > and tested security mechanisms, such as ssh validated by certificates in
> > both directions.  Remember that once a hostile party has access to any
> > machine on the network packet sniffing is trivial.
> >
> > Mike
> >
> >
> > _______________________________________________
> > Kent mailing list
> > Kent at mailman.lug.org.uk
> > https://mailman.lug.org.uk/mailman/listinfo/kent
> 
> if we are just talking about one password, then I would not store it in the app 
> at all, as you could easily write a generic popup to request the user to 
> enter the password when required (say on reconfiguring some service). The KDE 
> root password pop up is an example of this. I personally would not 
> allow this to be cached during the user's session, but this may annoy users, 
> so you might have a system setting and warning dialog for this option.

Popups were kind of what I wanted to avoid, but it may be the route I end up
going. However, it would be a pain in the neck to have to enter the
password for each query on the LDAP server; you don't see the KDE or GNOME
apps do this, they store the passwords for a set period, presumably in
memory.


> if you need credentials for lots of users I would store the passwords in the 
> required encrypted forms for all the services that need them, eg crypt for 
> system accounts and mysql format for mysql accounts. When a new account is 
> added the user will be prompted for the plain password and all the encrypted 
> passwords created. If you add a new service that needs a different encryption 
> type then the user will be prompted as necessary. I can't see that linux based 
> services will use that many different password formats as most support 
> multiple authentication backends.

I am actually already encrypting all passwords; it's only when connecting
to services that I need the original password to authenticate.
I can also set the initial passwords in any format already; it's more the
connecting afterwards that's baffling me.

Also, I understand why plain text is bad, but would you not have to have
compromised a server to be able to read it? At which point surely you
would be screwed. More a general question to help in my understanding.
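The thread separates two cases: a password the app only needs to verify (store a salted hash, never the plaintext) and a password the app must present to another service (keep it in memory as briefly as possible and overwrite it once used). The following is an added example written for this archive page, not code from anyone in the thread; it uses PBKDF2 from Python's standard library for the first case and a wiped `bytearray` for the second. The `action` callback, the `pbkdf2_sha256$...` record format and the sample secret are assumptions for illustration.

```python
import hashlib
import hmac
import os

# --- Case 1: the app only needs to *verify* a password -------------------
# Store a salted, iterated hash. The plaintext is never written to disk.
def hash_password(password: str, salt: bytes = b"", iterations: int = 200_000) -> str:
    """Return a self-describing record: algo$iterations$salt_hex$digest_hex."""
    salt = salt or os.urandom(16)  # fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        algo, iterations, salt_hex, digest_hex = stored.split("$")
    except ValueError:
        return False  # malformed record: refuse rather than guess
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # hmac.compare_digest avoids leaking where the digests first differ
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


# --- Case 2: the app must *present* the password to another service ------
# Keep it in a mutable buffer and overwrite that buffer as soon as the
# connection attempt is over, as Mike's advice in the thread suggests.
def wipe(buf: bytearray) -> None:
    """Overwrite every byte in place so the value does not linger."""
    for i in range(len(buf)):
        buf[i] = 0


def with_wiped_secret(secret: bytes, action):
    """Run action(buf) with the secret in a bytearray, then wipe it.

    Returns (action_result, buf); buf is returned only so callers can
    confirm it was zeroed. A real caller would pass the bind/login
    routine as `action` and discard the buffer afterwards.
    """
    buf = bytearray(secret)
    try:
        result = action(buf)
    finally:
        wipe(buf)
    return result, buf


if __name__ == "__main__":
    record = hash_password("correct horse battery")
    print(record)
    print(verify_password("correct horse battery", record))  # True
    print(verify_password("wrong", record))                  # False

    # Constructed sample: pretend `action` is an LDAP bind that only needs
    # the bytes for the duration of the call.
    result, leftover = with_wiped_secret(b"hunter2", lambda b: len(b))
    print(result, bytes(leftover))  # 7 b'\x00\x00\x00\x00\x00\x00\x00'
```

The wipe is best effort: CPython `str` objects are immutable and may leave copies behind, and the interpreter or a library may copy the bytes internally before they reach the socket, so the `bytearray` only shortens the window rather than guaranteeing no trace. Pair it with the thread's other point, letting the OS credential store or an `ssh`/certificate-based channel hold the long-term secret, so that the application itself never needs to keep the plaintext at all.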
