9fans - fans of the OS Plan 9 from Bell Labs
* secure login without digital pathways box
@ 1995-08-26  3:49 Boyd
From: Boyd @ 1995-08-26  3:49 UTC (permalink / raw)


    From:	forsyth@plan9.cs.york.ac.uk

    this is a little trickier with this release since the
    source for crypt has not been included for the usual
    batty munitions act reasons.  i used one i prepared earlier,
    but has anyone got a good plug compatible replacement that
    can be placed somewhere outside the USA?  it might be
    a nice touch to put it on whatever is kremvax these days.

i've got a des implementation that i wrote.  it's not quite plug in
as mine takes an 8 byte key, whereas plan 9 uses 7 (but it's not
hard to fix).  if someone wants it they can have it.







* secure login without digital pathways box
@ 1995-08-26  4:34 Boyd
From: Boyd @ 1995-08-26  4:34 UTC (permalink / raw)


on further inspection i see that i've coded up encrypt/decrypt
and an 8 byte to 7 byte key conversion glue to work with my des.
i guess that must be pretty close to plug in.
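
The 7-byte versus 8-byte key mismatch discussed in this message, as an added example that is not Boyd's code or Plan 9's: standard DES takes a 64-bit key in which the low bit of each byte is an odd-parity bit, so only 56 bits are key material either way. The function names and the MSB-first packing of the 7-byte form are assumptions made for illustration.

```c
#include <stdint.h>

/* Force the low bit so the byte carries an odd number of 1 bits,
 * which is the parity convention for standard 8-byte DES keys. */
static uint8_t odd_parity(uint8_t b)
{
    uint8_t x = b & 0xFE, ones = 0;
    for (int i = 1; i < 8; i++)
        ones += (x >> i) & 1;
    return (uint8_t)(x | ((ones & 1) ^ 1));
}

/* Expand 56 key bits (7 bytes, assumed MSB-first) into an 8-byte DES key:
 * each output byte gets the next 7 key bits in its high bits plus parity. */
void key7to8(const uint8_t k7[7], uint8_t k8[8])
{
    uint64_t bits = 0;
    for (int i = 0; i < 7; i++)
        bits = (bits << 8) | k7[i];
    for (int i = 0; i < 8; i++) {
        uint8_t seven = (uint8_t)((bits >> (49 - 7 * i)) & 0x7F);
        k8[i] = odd_parity((uint8_t)(seven << 1));
    }
}

/* Inverse glue: discard each parity bit and repack into 7 bytes. */
void key8to7(const uint8_t k8[8], uint8_t k7[7])
{
    uint64_t bits = 0;
    for (int i = 0; i < 8; i++)
        bits = (bits << 7) | (uint64_t)(k8[i] >> 1);
    for (int i = 0; i < 7; i++)
        k7[i] = (uint8_t)((bits >> (48 - 8 * i)) & 0xFF);
}

/* Returns 1 when every byte of an 8-byte key has odd parity. */
int key8_parity_ok(const uint8_t k8[8])
{
    for (int i = 0; i < 8; i++)
        if (odd_parity(k8[i]) != k8[i])
            return 0;
    return 1;
}
```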







* secure login without digital pathways box
@ 1995-08-18 11:26 forsyth
From: forsyth @ 1995-08-18 11:26 UTC (permalink / raw)


>>plaintext-password authentication option for
>>those who do not have SecureNet keys or use
>>reasonable firewalls.

if, like us, you are unwilling to reduce the level of
security the system offers -- we've got lots of potential ethernet snoopers --
an alternative is to provide a version of `netkey' on your unix systems,
with which to calculate the response to a plan 9 challenge.

this is a little trickier with this release since the
source for crypt has not been included for the usual
batty munitions act reasons.  i used one i prepared earlier,
but has anyone got a good plug compatible replacement that
can be placed somewhere outside the USA?  it might be
a nice touch to put it on whatever is kremvax these days.







* secure login without digital pathways box
@ 1995-08-18  3:42 Vadim
From: Vadim @ 1995-08-18  3:42 UTC (permalink / raw)


Look for "fcrypt" at European FTP servers (ftp.funet.fi?)
The source for DES was available everywhere outside US
for at least a decade.

As for reducing security -- when a corporation has all
really valuable data stored on Unix machines it makes
very little sense to protect toys zealously.  Also,
challenge-response schemes do not protect against active
snoopers (you can always "steal" an already authenticated
TCP or UDP session) and so are of very little value as
protection against Ethernet snoopers (to steal packets
you already have to have access to a machine on the Ethernet,
ok?)

This means that you still need a solid firewall, no matter
if you use one-time passwords or not.  Over long-distance
links the one-time-password schemes are vulnerable to
host-route attacks (a man-in-the-middle scheme) or compromised
source hosts (i.e. the securenet thingie can't protect you
if you're logging from a host with doctored telnet).

The real answer to the network security is the encryption of
all data and using key exchange schemes resistant to the
man-in-the-middle attacks.  And, also, *never* log in from
a machine you don't trust.  Better carry your own laptoy,
as security of the machine is as good as its physical
security.  There's no magic bullet.

So, the options i added are designed for use inside protected
LANs, where excessive level of paranoia only makes people
irritated (and by doing so _compromises_ security, as then
the users will tend to circumvent authentication so rendering
it useless). 


--vadim
