My thinking on this issue is that energy is much better put into the correct
and working solution.
You're right.
On Thu, Dec 19, 2002 at 05:48:02PM -0500, Mark L. Kahnt wrote:
> If my number theory was stronger, and I was more familiar with the
> related code, I would be rather tempted, but my programming background
> leans far more to compilers and API definitions, translations and
> interfaces, as well as u
On Thu, Dec 19, 2002 at 12:45:07PM -0800, Thomas Bushnell, BSG wrote:
> No, not at all. I don't want to give the user a fake feeling. I want
> the user to be able to make a judgement "in this case, the security is
> not important, but telnet is a major hassle, so I choose the fake
> ssh".
Nothi
If my number theory was stronger, and I was more familiar with the
related code, I would be rather tempted, but my programming background
leans far more to compilers and API definitions, translations and
interfaces, as well as user interfaces. You don't usually want your
compilers in
On Thu, 2002-12-19 at 17:33, Alfred M. Szmidt wrote:
>I'd suggest that this matter might better be addressed off-list, or
>else identified as something that the two of you are not going to
>reach a common vision through the mechanism of the mailing list.
>
> We came to a conclusion tha
I'd suggest that this matter might better be addressed off-list, or
else identified as something that the two of you are not going to
reach a common vision through the mechanism of the mailing list.
We came to a conclusion that I think everyone agrees with, and there
is nothing off-topic
On Thu, 2002-12-19 at 14:52, Thomas Bushnell, BSG wrote:
> "Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>
> >> Why do I feel like repeating this old mantra: Bad security is worse
> >> than no security.
> >
> >Sez you. Many disagree. Especially for a system in development, with
> >
[EMAIL PROTECTED] (Neal H. Walfield) writes:
> > If our only alternatives are
> >
> > 1) no ssh
> > 2) ssh with no security
>
> Wrong, which just proves that you have not read this thread: we are
> arguing about entropy; ssh is only a side argument.
*IF*. Can you read the word *IF*?
The propo
On Thu, Dec 19, 2002 at 04:10:25PM -0500, Neal H. Walfield wrote:
> There is a fourth alternative: leave everything the way it is. If you
> need some quality entropy copy it from e.g. a GNU/Linux system.
This is what the buildd machine does, btw.
Tks,
Jeff Bailey
>1) no ssh
>2) ssh with no security
>
>you have advocated (2), right? It is that statement which I am
>arguing against.
>
> No, I have advocated against including a unsecure random translator.
> You are forgetting the third alternative, making ssh use its own
> random pool. Assu
Then we are at an agreement I think.
I took a quick look at Open SSH and its flags for gathering random
entropy. From the looks the --with-rand-helper is the flag to use,
but I think that the configure script should pick up the fact that we
do not have /dev/random.
I will take a closer look at t
> If our only alternatives are
>
> 1) no ssh
> 2) ssh with no security
Wrong, which just proves that you have not read this thread: we are
arguing about entropy; ssh is only a side argument.
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>If our only alternatives are
>
>1) no ssh
>2) ssh with no security
>
>you have advocated (2), right? It is that statement which I am
>arguing against.
>
> No, I have advocated against including a unsecure random translator.
>
If our only alternatives are
1) no ssh
2) ssh with no security
you have advocated (2), right? It is that statement which I am
arguing against.
No, I have advocated against including a unsecure random translator.
You are forgetting the third alternative, making ssh use its own
ra
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
> Please, could you bother reading my mails even for a small amount of
> time? I have _not_, I repeat, _not_ suggested the removal of Open SSH!
If our only alternatives are
1) no ssh
2) ssh with no security
you have advocated (2), right? It is tha
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>>Telnet has worse security than even a buggy miserably fake ssh.
>>
>> Telnet has _no_ security. It doesn't have fake security, which you
>> get by using crappy random bits and Open SSH. That is a huge
>> difference. Open
Please, could you bother reading my mails even for a small amount of
time? I have _not_, I repeat, _not_ suggested the removal of Open SSH!
>Telnet has worse security than even a buggy miserably fake ssh.
>
> Telnet has _no_ security. It doesn't have fake security, which you
> get by using crappy random bits and Open SSH. That is a huge
> difference. Open SSH was designed for security, telnet was _not_.
What?
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>> I think that we can all accept that there are currently a variety of
>> security holes in the Hurd. The type of security holes which would be
>> introduced by using bad random data, however, is far worse as it has
>> the potential
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>Telnet has worse security than even a buggy miserably fake ssh.
>
> Telnet has _no_ security. It doesn't have fake security, which you
> get by using crappy random bits and Open SSH. That is a huge
> difference. Open SSH was designed for secu
> I think that we can all accept that there are currently a variety of
> security holes in the Hurd. The type of security holes which would be
> introduced by using bad random data, however, is far worse as it has
> the potential to allow an attacker to obtain access to systems that
Telnet has worse security than even a buggy miserably fake ssh.
Telnet has _no_ security. It doesn't have fake security, which you
get by using crappy random bits and Open SSH. That is a huge
difference. Open SSH was designed for security, telnet was _not_.
[EMAIL PROTECTED] (Neal H. Walfield) writes:
> > > Why do I feel like repeating this old mantra: Bad security is worse
> > > than no security.
> >
> > Sez you. Many disagree. Especially for a system in development, with
> > already has bad security.
>
> I think that we can all accept that ther
[EMAIL PROTECTED] (Niels Möller) writes:
> The argument is really simple. Programs that use /dev/urandom
> generally expect to get numbers that are not only uniform, but numbers
> which are actually *useful* for *cryptographic* purposes. Creating a
> /dev/urandom that does something different is b
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>> Why do I feel like repeating this old mantra: Bad security is worse
>> than no security.
>
>Sez you. Many disagree. Especially for a system in development, with
>already has bad security.
>
> Fine, would you like to work on this
Le jeu 19/12/2002 à 15:44, Emile van Bergen a écrit :
> Hi,
>
> On Thu, Dec 19, 2002 at 03:26:13PM +0100, PUYDT Julien wrote:
>
> > Le jeu 19/12/2002 à 15:18, Daniel Burrows a écrit :
> > > On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien <[EMAIL
> > > PROTECTED]> was heard to say:
> > > >
Niels a écrit :
> The argument is really simple. Programs that use /dev/urandom
> generally expect to get numbers that are not only uniform, but numbers
> which are actually *useful* for *cryptographic* purposes. Creating a
> /dev/urandom that does something different is breaking that inform
Hi,
On Thu, Dec 19, 2002 at 03:26:13PM +0100, PUYDT Julien wrote:
> Le jeu 19/12/2002 à 15:18, Daniel Burrows a écrit :
> > On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien <[EMAIL PROTECTED]>
> > was heard to say:
> > > Le mer 18/12/2002 à 18:45, Niels Möller a écrit :
> > > > use some ot
One-time pads are definitely secure against any mathematical
attack. (if you assume that the bits of the key are perfectly
random) Basically, given an encrypted message, every key/plaintext
combination is equally likely.
And try to find out which one is the right message! Fun for th
Le jeu 19/12/2002 à 15:18, Daniel Burrows a écrit :
> On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien <[EMAIL PROTECTED]>
> was heard to say:
> > Le mer 18/12/2002 à 18:45, Niels Möller a écrit :
> > > use some other construction that is secure even if the enemy has infinite
> > > computati
On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien <[EMAIL PROTECTED]> was
heard to say:
> Le mer 18/12/2002 à 18:45, Niels Möller a écrit :
> > use some other construction that is secure even if the enemy has infinite
> > computational power
>
> I'm pretty sure it isn't possible:
One-time
There is still quantum cryptography. It's provable secure because if you
sniff the message is destroyed.
OTP is also there.
Budi Rahardjo <[EMAIL PROTECTED]> writes:
> On Wed, Dec 18, 2002 at 12:54:17AM +0100, Ga?l Le Mignot wrote:
> > No, we should use a random translator, which, at least, provide uniform
> > numbers, and differents number on successive reads.
>
> I have not heard argument(s) against this.
The argum
which one would you prefer?
telnet or ssh (with weak encryption)
What I prefer has nothing todo with this discussion. ssh is meant for
security, telnet is not.
I belive you can remove duplicate mails based on the message ID.
I have not heard argument(s) against this.
Then please read the mailing list archives, Marcus already gave
reasons. And it is not Ga?l's random translator, it was written by
Marcus.
Le jeu 19/12/2002 à 10:56, Marcus Brinkmann a écrit :
> There is still quantum cryptography. It's provable secure because if you
> sniff the message is destroyed.
>
> However, it's not really something you can use today, although I think they
> already managed to bridge a couple of meters over th
On Thu, Dec 19, 2002 at 09:17:23AM +0100, PUYDT Julien wrote:
> Le mer 18/12/2002 à 18:45, Niels Möller a écrit :
> > use some other construction that is secure even if the enemy has infinite
> > computational power
>
> I'm pretty sure it isn't possible:
> 1) you always want someone to read your m
Le mer 18/12/2002 à 18:45, Niels Möller a écrit :
> use some other construction that is secure even if the enemy has infinite
> computational power
I'm pretty sure it isn't possible:
1) you always want someone to read your message; hence no cryptalgo can
be infinitely secure, there must be some ke
>> Why do I feel like repeating this old mantra: Bad security is worse
>> than no security.
which one would you prefer?
telnet or ssh (with weak encryption)
-- budi
--
http://budi.insan.co.id
> > Why do I feel like repeating this old mantra: Bad security is worse
> > than no security.
>
> Sez you. Many disagree. Especially for a system in development, with
> already has bad security.
I think that we can all accept that there are currently a variety of
security holes in the Hurd. Th
On Thu, Dec 19, 2002 at 03:53:13AM +0700, Budi Rahardjo wrote:
> could you just use when replying?
> ie you don't have to add my name (or other people) in the Bcc:
> We are all subscribers of the list.
> I've been getting multiple copies. Once or twice is ok, but
> too many of them is annoying :(
On Wed, Dec 18, 2002 at 12:54:17AM +0100, Ga?l Le Mignot wrote:
> No, we should use a random translator, which, at least, provide uniform
> numbers, and differents number on successive reads.
I have not heard argument(s) against this.
Has anybody looked at kilobug's (Ga?l Le Mignot) random transla
Folks,
could you just use when replying?
ie you don't have to add my name (or other people) in the Bcc:
We are all subscribers of the list.
I've been getting multiple copies. Once or twice is ok, but
too many of them is annoying :(
[ps: I am not the admin of this list, just giving a suggestion.]
> Why do I feel like repeating this old mantra: Bad security is worse
> than no security.
Sez you. Many disagree. Especially for a system in development, with
already has bad security.
Fine, would you like to work on this? Or do you purpose to worse the
already bad security?
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>Ssh should provide a non-cryptographically secure mode (such as
>using hashes of the low time bits, for example) for use on systems
>without a real random bit source.
>
> What Open SSH should do and not do, should be discussed on the Ope
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
> Why do I feel like repeating this old mantra: Bad security is worse
> than no security.
Sez you. Many disagree. Especially for a system in development, with
already has bad security.
[EMAIL PROTECTED] (Gaël Le Mignot) writes:
> This is the current implementation, yes, but /dev/urandom doesn't guarantee
> anything about the "quality" of the random bits. It can be secure, but it
> can be pseudo-random too, and any program that use /dev/urandom as a secure
> source of random bits
On Wed, 18 Dec 2002 11:58:52 +0100, Gaël Le Mignot said:
> This is the current implementation, yes, but /dev/urandom doesn't guarantee
> anything about the "quality" of the random bits. It can be secure, but it
It does. It even blocks (well, I checked years ago) as long as the
entropy pools has
On Wed, Dec 18, 2002 at 11:58:52AM +0100, Gaël Le Mignot wrote:
>
> Werner a écrit :
>
> > On Tue, 17 Dec 2002 13:36:21 +0100, Gaël Le Mignot said:
> >> And /dev/urandom is not really done for "cryptographic secure" randomness,
> >> it's the goal of /dev/random, not /dev/urandom (and AFAIK ss
Werner a écrit :
> On Tue, 17 Dec 2002 13:36:21 +0100, Gaël Le Mignot said:
>> And /dev/urandom is not really done for "cryptographic secure" randomness,
>> it's the goal of /dev/random, not /dev/urandom (and AFAIK ssh only uses
> That is not really true. The common implementations of /dev
On Tue, 17 Dec 2002 13:36:21 +0100, Gaël Le Mignot said:
> And /dev/urandom is not really done for "cryptographic secure" randomness,
> it's the goal of /dev/random, not /dev/urandom (and AFAIK ssh only uses
That is not really true. The common implementations of /dev/[u]random
for *BSD and Linux
Philip a écrit :
> 2. Does ssh only use urandom once, that is to generate keys while it is
> configuring? Again I have assumed yes.
ssh-keygen uses /dev/random to generate keys.
ssh and sshd uses /dev/urandom when they need weak random bits, like for
creating the temporary symetric key. At
* [Thomas Bushnell, BSG]
> Ssh should provide a non-cryptographically secure mode (such as using
> hashes of the low time bits, for example) for use on systems without a
> real random bit source.
I believe it does even better, and provides a mode where it hashes the
output of "ps aux" and suchli
On Tue, 17 Dec 2002, Hubert Chan wrote:
> Philip> 2. Does ssh only use urandom once, that is to generate keys while it
> is
> Philip> configuring? Again I have assumed yes.
>
> I don't think the public/private key (i.e. host key) generation is much
> of an issue, since one should be able to gen
> "Philip" == Philip Charles <[EMAIL PROTECTED]> writes:
Q1, I don't know the answer to, but I believe that your guess is right.
[...]
Philip> 2. Does ssh only use urandom once, that is to generate keys while it is
Philip> configuring? Again I have assumed yes.
I don't think the public/pr
On 17 Dec 2002, Thomas Bushnell, BSG wrote:
> Ssh should provide a non-cryptographically secure mode (such as using
> hashes of the low time bits, for example) for use on systems without a
> real random bit source.
>
> If it does not use that, it is reasonable for us to use a hack to
> provide som
No, we should use a random translator, which, at least, provide
uniform numbers, and differents number on successive reads.
Why do I feel like repeating this old mantra: Bad security is worse
than no security.
Ssh should provide a non-cryptographically secure mode (such as
using hashes of the low time bits, for example) for use on systems
without a real random bit source.
What Open SSH should do and not do, should be discussed on the Open
SSH mailing list, not here.
Neal a écrit :
>> > Your argument is absurd. Network security considerations are different
>> > than local system security considerations. We have control over who can
>> > have an account on our systems. We don't necessarily have control over
>> > who has access to our IP ports.
>>
>>
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>I agree that we should not have a fictitious /dev/urandom, but we
>should support ssh even so.
>
> Open SSH is supported, in an insecure way, by either a random
> translator, or the copying hack.
Ssh should provide a non-cryptographically s
On Wed, Dec 18, 2002 at 05:24:40AM +0700, Budi Rahardjo wrote:
> I guess most of you work on the GNU/Hurd in front of consoles,
> thus have no problem having no ssh (or assume that people could
> install it themselves). Fair enough...
I am using telnet. :)
> Now, could somebody point a quick tuto
> > Your argument is absurd. Network security considerations are different
> > than local system security considerations. We have control over who can
> > have an account on our systems. We don't necessarily have control over
> > who has access to our IP ports.
>
> These are all excellent reaso
Has everyone forgotten what this discussion actually about? We are
not talking about removing the Open SSH deb! We are talking about
adding ugly hacks like a broken random translator, or copying files
in-place of /dev/urandom.
I agree that we should not have a fictitious /dev/urandom, but we
should support ssh even so.
Open SSH is supported, in an insecure way, by either a random
translator, or the copying hack.
None of them are reasons to remove functionality.
No functionality is being removed.
On Wed, Dec 18, 2002 at 05:24:40AM +0700, Budi Rahardjo wrote:
> PS: is there anybody working on sendmail package? it compiles clean
> under GNU/Hurd.
Last I checked there were several dependencies that did not compile
cleanly. =( It's been about a year since I tried, though.
Tks,
Jeff Bailey
Ok. We all have read views from both sides. Let's stop the flames.
I guess most of you work on the GNU/Hurd in front of consoles,
thus have no problem having no ssh (or assume that people could
install it themselves). Fair enough...
Now, could somebody point a quick tutorial (for impatient people)
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
>Really, I don't think we delete packages just because we have bugs.
>We have *lots* of bugs, and it's inappopriate to remove packages as
>if we were a production system.
>
> Delete what exactly? We were talking about _adding_ a package.
Jeff Bailey <[EMAIL PROTECTED]> writes:
> On Tue, Dec 17, 2002 at 11:07:35AM -0800, Thomas Bushnell, BSG wrote:
>
> > > Without ext2fs the system is completly unusable, without random the
> > > system is quite usable. Without GNU Mach you don't even have a
> > > working system.
>
> > But you sa
But you said that "bad security is worse than no security". So
better no GNU Mach than an insecure one, right?
A system works just fine without a random translator, it does not work
at all without an secure, or insecure kernel. A random translator is
_not_ a crucial part of an system, a ke
On Tue, Dec 17, 2002 at 11:07:35AM -0800, Thomas Bushnell, BSG wrote:
> > Without ext2fs the system is completly unusable, without random the
> > system is quite usable. Without GNU Mach you don't even have a
> > working system.
> But you said that "bad security is worse than no security". So b
"Alfred M. Szmidt" <[EMAIL PROTECTED]> writes:
> Without ext2fs the system is completly unusable, without random the
> system is quite usable. Without GNU Mach you don't even have a
> working system.
But you said that "bad security is worse than no security". So better
no GNU Mach than an insec
Alfred a écrit :
>With allowing GNU/Hurd _users_ to _use_ an ssh client.
> What exactly prevents them from not using it? They can download the
> random translator and use it,
If they know where to find it. And it's a waste of time. And it makes things
more complex and tricky than they
With allowing GNU/Hurd _users_ to _use_ an ssh client.
What exactly prevents them from not using it? They can download the
random translator and use it, they can use the copying hack. Nothing
prevents them from not usin ssh. It also makes them aware that it is
insecrue, adding it hides this
Alfred a écrit :
>Why there are problems to enhace GNU/Hurd?
> Enhance the Hurd how exactly? With flawed security?
With allowing GNU/Hurd _users_ to _use_ an ssh client.
>Sooner or later hurd/random(?) server will be added to the base
>system...why not now?
> Because it is br
Why there are problems to enhace GNU/Hurd?
Enhance the Hurd how exactly? With flawed security?
Sooner or later hurd/random(?) server will be added to the base
system...why not now?
Because it is broken (in the sense of no good entropy source). Fix the
problems, and it might get added.
On Tue, Dec 17, 2002 at 12:42:59PM +0100, Alfred M. Szmidt wrote:
>I support the addition of ssh, *even* with a weak random.
>
> There was never any talk about removing ssh.
>
>Now, what's current best practice? We use this:
> http://kilobug.free.fr/hurd/random-64.tar.gz
>Is the
Alfred a écrit :
>I support the addition of ssh, *even* with a weak random.
> There was never any talk about removing ssh.
>Now, what's current best practice? We use this:
> http://kilobug.free.fr/hurd/random-64.tar.gz
>Is there a better alternative(s)?
> Or you can cop
I support the addition of ssh, *even* with a weak random.
There was never any talk about removing ssh.
Now, what's current best practice? We use this:
http://kilobug.free.fr/hurd/random-64.tar.gz
Is there a better alternative(s)?
Or you can copy /bin/bash to /dev/urandom, they are
Philip a écrit :
> The warning displayed at the end of total.sh
> echo "A file needs to be copied to /dev/urandom before ssh will configure"
> echo "then run . Security will be poor unless the file"
> echo "consists of random material."
Copying a file is even worse random data than using t
> I support the addition of ssh, *even* with a weak random.
ssh is not being excluded; it is in the archive, if you want it, you
just have to set it up yourself. By helping the user with this
horrible kludge--essentially installing pregenerated host keys--we are
creating a false sense of security
On Tue, 17 Dec 2002, Budi Rahardjo wrote:
> Even ssh/ssl had problems, but that doesn't stop people from
> using it *right now*. ie. not waiting until it is really ... really ...
> realy ... really (well, you get the point) secure.
>
> Just give a warning that current ssh implementation is not tha
I support the addition of ssh, *even* with a weak random.
The problem is, without ssh ... I would have to resort to telnet.
I have to manage/operate/update our GNU/hurd through network
and I am assuming many are in the same situation.
"Weak" ssh is better than telnet. Having a minimal clothes is
be
84 matches
Mail list logo
