On 12/12/2021 03:49, Neal Gompa wrote:
So I strongly suspect they'll become the
new standard anyway.
TPM is a typical black box. I can't trust it because all hardware TPM
implementations are proprietary. No one guarantees that it has no backdoors.
--
Sincerely,
Vitaly Zaitsev
On Sat, Dec 11, 2021 at 9:43 PM Chris Murphy wrote:
>
> On Wed, Dec 8, 2021 at 7:52 AM Lennart Poettering
> wrote:
> >
> > On Di, 07.12.21 15:39, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl)
> > wrote:
> >
> > > Latest systemd versions have been getting some support for the low-level
> > >
Michel Alexandre Salim wrote:
> - do we want to allow any /local/ %wheel users to log in?
This seems fine to me.
> - or do we want to use a recovery passphrase of some sort?
I'm not sure what you mean here. When a passphrase is called a recovery
passphrase, it's usually because authentication
> A more user-friendly setup is to allow the password to be bypassed in
> case it's not set.
>
> This does not pose an increased security risk:
> - you can already boot with `init=/sysroot/bin/bash` anyway
> - anyone with physical access to a machine can probably compromise it
> - you can enforce
On 12/9/21 10:15, Vitaly Zaitsev via devel wrote:
On 09/12/2021 15:32, Lennart Poettering wrote:
TPM2 chip you'll get much weaker security guarantees
https://arstechnica.com/gadgets/2021/08/how-to-go-from-stolen-pc-to-network-intrusion-in-30-minutes/
The Lenovo TPM implementation exploited
On 09/12/2021 15:32, Lennart Poettering wrote:
TPM2 chip
you'll get much weaker security guarantees
https://arstechnica.com/gadgets/2021/08/how-to-go-from-stolen-pc-to-network-intrusion-in-30-minutes/
--
Sincerely,
Vitaly Zaitsev (vit...@easycoding.org)
On Mi, 08.12.21 18:10, Colin Walters (walt...@verbum.org) wrote:
> Right. I am in favor of having tight integration with the TPM of
> course, but it can't be used exclusively.
>
> In particular, I think about half the posters in this thread are
> thinking of the desktop case, but the problem can
On Mi, 08.12.21 13:28, Chris Murphy (li...@colorremedies.com) wrote:
> On Wed, Dec 8, 2021 at 7:52 AM Lennart Poettering
> wrote:
> >
> > On Di, 07.12.21 15:39, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl)
> > wrote:
> >
> > > Latest systemd versions have been getting some support for the
On Wed, Dec 08, 2021 at 12:12:33PM -0500, Chris Murphy wrote:
> On Tue, Dec 7, 2021 at 6:28 AM Zbigniew Jędrzejewski-Szmek
> wrote:
> >
> > On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
> > > Fedora defaults to locking the root account, which is needed by
> > > single-user mode.
Hi all,
On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
> https://fedoraproject.org/wiki/Changes/FixRescueMode
>
> == Summary ==
> Fedora defaults to locking the root account, which is needed by
> single-user mode. This Change uses `sulogin --force` so the password
> request is
On Wed, Dec 8, 2021, at 1:28 PM, Chris Murphy wrote:
> On Wed, Dec 8, 2021 at 7:52 AM Lennart Poettering
> wrote:
>>
>> On Di, 07.12.21 15:39, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:
>>
>> > Latest systemd versions have been getting some support for the low-level
>> > parts,
Once upon a time, Björn Persson said:
> Introducing a new security hole is not just a change like any other
> change.
Calling this "introducing a new security hole" is hyperbole and
fear-mongering.
--
Chris Adams
___
devel mailing list --
On Wed, Dec 8, 2021 at 7:52 AM Lennart Poettering wrote:
>
> On Di, 07.12.21 15:39, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:
>
> > Latest systemd versions have been getting some support for the low-level
> > parts, i.e. the low-level encrypted-secret storage. But we're missing the
>
On Wed, Dec 8, 2021 at 6:10 PM Björn Persson wrote:
>
> Chris Adams wrote:
> > Once upon a time, Björn Persson said:
> > > Chris Adams wrote:
> > > > If the admin has done one thing to lock down the system, then they can
> > > > do another (removing the sulogin --force addition).
> > >
> > > How
On Tue, Dec 7, 2021 at 6:28 AM Zbigniew Jędrzejewski-Szmek
wrote:
>
> On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
> > Fedora defaults to locking the root account, which is needed by
> > single-user mode. This Change uses `sulogin --force` so the password
> > request is bypassed
Chris Adams wrote:
> Once upon a time, Björn Persson said:
> > Chris Adams wrote:
> > > If the admin has done one thing to lock down the system, then they can
> > > do another (removing the sulogin --force addition).
> >
> > How do you propose to ensure that the admin is made aware of the
On ke, 08 joulu 2021, Matthew Miller wrote:
On Wed, Dec 08, 2021 at 01:50:47PM +0100, Lennart Poettering wrote:
So here's what I'd suggest: let's define a group (my suggestion: let's
repurpose "wheel" for that) that has the effect that the passwords of
any user in it are also accepted as
On Wed, Dec 08, 2021 at 01:50:47PM +0100, Lennart Poettering wrote:
> So here's what I'd suggest: let's define a group (my suggestion: let's
> repurpose "wheel" for that) that has the effect that the passwords of
> any user in it are also accepted as password for the root user,
My working
On Di, 07.12.21 15:39, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:
> Latest systemd versions have been getting some support for the low-level
> parts, i.e. the low-level encrypted-secret storage. But we're missing the
> upper parts, i.e. how to actually use and update the passwords. I
On 07/12/2021 23:01, przemek klosowski via devel wrote:
I am not sure what would be appropriate for single-user systems: some
sort of install-time rescue passphrase [1] perhaps, that the user would
write down and safely store [2]?
This will be a potential backdoor.
--
Sincerely,
Vitaly
On Tue, Dec 07, 2021 at 05:01:50PM -0500, przemek klosowski via devel wrote:
> On 12/7/21 10:39, Zbigniew Jędrzejewski-Szmek wrote:
>
> >>> If available, use
> >>>the TPM2 to additionally tie the password to local hardware. If the
> >>>user is removed, also remove that password from that
Once upon a time, Björn Persson said:
> Chris Adams wrote:
> > If the admin has done one thing to lock down the system, then they can
> > do another (removing the sulogin --force addition).
>
> How do you propose to ensure that the admin is made aware of the need
> to do that?
The same way as
On 12/7/21 10:39, Zbigniew Jędrzejewski-Szmek wrote:
If available, use
the TPM2 to additionally tie the password to local hardware. If the
user is removed, also remove that password from that storage.
During boot, if it is necessary to authenticate before the root file
system has been
Chris Adams wrote:
> If the admin has done one thing to lock down the system, then they can
> do another (removing the sulogin --force addition).
How do you propose to ensure that the admin is made aware of the need
to do that?
Experienced sysadmins won't just instinctively know that in this new
On Tue, Dec 07, 2021 at 12:03:04PM -0600, Chris Adams wrote:
> Once upon a time, Zbigniew Jędrzejewski-Szmek said:
> > The second case is when the admin has actually
> > locked down the kernel command line and relies on the normal
> > authentication mechanisms to protect the system. In both cases
Once upon a time, Zbigniew Jędrzejewski-Szmek said:
> The second case is when the admin has actually
> locked down the kernel command line and relies on the normal
> authentication mechanisms to protect the system. In both cases your
> proposal creates an additional method of attack that
On Tue, Dec 07, 2021 at 03:41:02PM +0100, Vít Ondruch wrote:
>
> Dne 07. 12. 21 v 12:26 Zbigniew Jędrzejewski-Szmek napsal(a):
> >On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
> >>Fedora defaults to locking the root account, which is needed by
> >>single-user mode. This Change uses
Dne 07. 12. 21 v 12:26 Zbigniew Jędrzejewski-Szmek napsal(a):
On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
Fedora defaults to locking the root account, which is needed by
single-user mode. This Change uses `sulogin --force` so the password
request is bypassed under this
On Tue, Dec 07, 2021 at 12:01:32PM +, Richard W.M. Jones wrote:
> On Tue, Dec 07, 2021 at 11:26:37AM +, Zbigniew Jędrzejewski-Szmek wrote:
> > On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
> > > This does not pose an increased security risk: - [if] you can already
> > > boot
On Tue, Dec 07, 2021 at 11:26:37AM +, Zbigniew Jędrzejewski-Szmek wrote:
> On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
> > This does not pose an increased security risk: - [if] you can already
> > boot with init=/sysroot/bin/bash anyway - anyone with physical
> > access to a
On Mon, Dec 06, 2021 at 12:33:21PM -0500, Ben Cotton wrote:
> Fedora defaults to locking the root account, which is needed by
> single-user mode. This Change uses `sulogin --force` so the password
> request is bypassed under this circumstance.
I think this is a terrible idea. The problem is real,
Once upon a time, Ben Cotton said:
> https://fedoraproject.org/wiki/Changes/FixRescueMode
>
> == Summary ==
> Fedora defaults to locking the root account, which is needed by
> single-user mode. This Change uses `sulogin --force` so the password
> request is bypassed under this circumstance.
https://fedoraproject.org/wiki/Changes/FixRescueMode
== Summary ==
Fedora defaults to locking the root account, which is needed by
single-user mode. This Change uses `sulogin --force` so the password
request is bypassed under this circumstance.
== Owner ==
* Name: [[User:Salimma|Michel Alexandre
https://fedoraproject.org/wiki/Changes/FixRescueMode
== Summary ==
Fedora defaults to locking the root account, which is needed by
single-user mode. This Change uses `sulogin --force` so the password
request is bypassed under this circumstance.
== Owner ==
* Name: [[User:Salimma|Michel Alexandre
34 matches
Mail list logo