On Wed, Oct 14, 2020 at 02:41:51PM +0100, Stuart Henderson wrote: > Just found this in my local tree still, iirc danj liked it but there > wasn't much other enthusiasm. Any other comments? Should I just drop > the diff? Change 'a' to use 2^10 minimum? Change to fixed 2^10 with > no auto measurement?
I think this makes sense. I like it. ok kmos --Kurt > ----- Forwarded message from Stuart Henderson <s...@spacehopper.org> ----- > > From: Stuart Henderson <s...@spacehopper.org> > Date: Sat, 23 May 2020 22:08:11 +0100 > Subject: Re: Remove useless line from daemon class in login.conf > > On 2020/05/22 16:04, Theo de Raadt wrote: > > Stuart Henderson <s...@spacehopper.org> wrote: > > > > > On 2020/05/22 17:06, Daniel Jakots wrote: > > > > Hi, > > > > > > > > We used to have different numbers of blowfish rounds between the > > > > default and daemon classes in login.conf. On Jun 26, 2016, tedu > > > > committed "upgrade selected login.conf to use auto rounds for bcrypt" > > > > for amd64, sparc64, i386, and maccpc [1]. > > > > > > > > Since the class daemon inherits from the default class, the > > > > :localcipher=blowfish,a:\ > > > > is a duplicate. > > > > > > > > Here's a diff to remove them. > > > > > > I'm OK with unifying these settings, but FWIW I never switched to auto > > > for these, it doesn't seem all that sensible for somebody with the ability > > > to generate enough load on the machine to be able to reduce the strength > > > of bcrypt down to the 64 (2^6) rounds minimum. > > > > Yes, that is problematic. > > > > The minimum should be probably be raised, we should consider if auto > > should even exist anymore. > > > > As long as it doesn't allow weakening things I think auto should still > exist so that machines can have a stronger bcrypt where it's cheap. > > When this was introduced, login.conf for amd64/i386/macppc/sparc64 > changed from 8 (normal users) and 9 (daemon class i.e. root) to auto. > Since other, mainly slower, arches stayed with hardcoded 8/9 I don't > think the current minimum reachable in the code makes sense at all. > > I've gone to a few machines and done: > > - 50 runs of "encrypt -b a" to see what setting was chosen by auto > > for i in `jot 50`; do echo foo | encrypt -b a; sleep .1; done | cut -d'$' -f3 > | sort | uniq -c > > - 50 runs of "encrypt -b 9" or "encrypt -b 10" and averaged, to see > how long those two settings take > > time for i in `jot 50`; do echo foo | encrypt -b 10; done > (divided by 50) > > Chosen -b 9 -b 10 > Cortex-A53 1.4GHz (pi3) all 8 0.22 0.40 > GX-412TC 1GHz (APU2) all 8 0.16 0.31 > Cortex-A72 1.5GHz (pi4) all 9 0.07 0.14 > L5520 2.27GHz all 9 0.08 0.16 > E3-1225v3 3.2GHz 12x8 3x9 35x10 0.05 0.10 > E3-1240v5 3.5GHz all 10 0.04 0.08 > E3-1270v6 3.8GHz all 11 0.03 0.05 > > I think bumping the minimum to 2^9 would be reasonable, there's a more > noticeable delay on some machines but I think that's fair enough (any > cracking is likely to be done on a fast machine, and the user can force > it lower themselves if they want to take the risk). > > With a higher minimum than that the delay starts to get very noticeable > in some cases, so I'm not sure we're ready for that yet. > > I think it also makes sense to use blowfish,a in login.conf on all > arches, replacing the old 8/9. Actually -b a is already used in the > installer for both root and the standard user on all archs, whatever > they have in login.conf. Resulting in the situation that on some > archs, the bcrypt created during install for root's password is > weaker than it would be if reset after boot. > > So maybe this or something like it? > > Index: lib/libc/crypt/bcrypt.c > =================================================================== > RCS file: /cvs/src/lib/libc/crypt/bcrypt.c,v > retrieving revision 1.57 > diff -u -p -r1.57 bcrypt.c > --- lib/libc/crypt/bcrypt.c 26 Aug 2016 08:25:02 -0000 1.57 > +++ lib/libc/crypt/bcrypt.c 23 May 2020 20:16:46 -0000 > @@ -237,14 +237,15 @@ bcrypt_checkpass(const char *pass, const > DEF_WEAK(bcrypt_checkpass); > > /* > - * Measure this system's performance by measuring the time for 8 rounds. > - * We are aiming for something that takes around 0.1s, but not too much over. > + * Measure this system's performance by measuring the time for 2^9 rounds. > + * We are aiming for something that takes around 0.1s, not too much over, > + * but without allowing it to be too weak. > */ > int > _bcrypt_autorounds(void) > { > struct timespec before, after; > - int r = 8; > + int r = 9; > char buf[_PASSWORD_LEN]; > int duration; > > @@ -257,12 +258,12 @@ _bcrypt_autorounds(void) > duration += (after.tv_nsec - before.tv_nsec) / 1000; > > /* too quick? slow it down. */ > - while (r < 16 && duration <= 60000) { > + while (r < 16 && duration <= 75000) { > r += 1; > duration *= 2; > } > /* too slow? speed it up. */ > - while (r > 6 && duration > 120000) { > + while (r > 10 && duration > 120000) { > r -= 1; > duration /= 2; > } > Index: etc/etc.alpha/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.alpha/login.conf,v > retrieving revision 1.8 > diff -u -p -r1.8 login.conf > --- etc/etc.alpha/login.conf 5 Nov 2019 19:03:46 -0000 1.8 > +++ etc/etc.alpha/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > Index: etc/etc.arm64/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.arm64/login.conf,v > retrieving revision 1.7 > diff -u -p -r1.7 login.conf > --- etc/etc.arm64/login.conf 5 Nov 2019 19:03:46 -0000 1.7 > +++ etc/etc.arm64/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > Index: etc/etc.armv7/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.armv7/login.conf,v > retrieving revision 1.8 > diff -u -p -r1.8 login.conf > --- etc/etc.armv7/login.conf 5 Nov 2019 19:03:46 -0000 1.8 > +++ etc/etc.armv7/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > Index: etc/etc.hppa/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.hppa/login.conf,v > retrieving revision 1.10 > diff -u -p -r1.10 login.conf > --- etc/etc.hppa/login.conf 5 Nov 2019 19:03:46 -0000 1.10 > +++ etc/etc.hppa/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > Index: etc/etc.landisk/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.landisk/login.conf,v > retrieving revision 1.8 > diff -u -p -r1.8 login.conf > --- etc/etc.landisk/login.conf 5 Nov 2019 19:03:46 -0000 1.8 > +++ etc/etc.landisk/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > Index: etc/etc.loongson/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.loongson/login.conf,v > retrieving revision 1.13 > diff -u -p -r1.13 login.conf > --- etc/etc.loongson/login.conf 12 Mar 2020 15:32:21 -0000 1.13 > +++ etc/etc.loongson/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > Index: etc/etc.luna88k/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.luna88k/login.conf,v > retrieving revision 1.8 > diff -u -p -r1.8 login.conf > --- etc/etc.luna88k/login.conf 5 Nov 2019 19:03:46 -0000 1.8 > +++ etc/etc.luna88k/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > Index: etc/etc.octeon/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.octeon/login.conf,v > retrieving revision 1.10 > diff -u -p -r1.10 login.conf > --- etc/etc.octeon/login.conf 5 Nov 2019 19:03:47 -0000 1.10 > +++ etc/etc.octeon/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > Index: etc/etc.sgi/login.conf > =================================================================== > RCS file: /cvs/src/etc/etc.sgi/login.conf,v > retrieving revision 1.10 > diff -u -p -r1.10 login.conf > --- etc/etc.sgi/login.conf 5 Nov 2019 19:03:47 -0000 1.10 > +++ etc/etc.sgi/login.conf 23 May 2020 20:36:06 -0000 > @@ -48,7 +48,7 @@ default:\ > :openfiles-max=1024:\ > :openfiles-cur=512:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,a:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > > @@ -64,7 +64,6 @@ daemon:\ > :openfiles-max=1024:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,9:\ > :tc=default: > > # > > > ----- End forwarded message ----- >