>> The hostid is not secret, because the last part of the ethernet
>> address IS the last three bytes of the hostid, and [...]
> By default this is the case, but the hostid is relatively easy to
> change in most cases.

If you're prepared to pull the idprom, you might as well pull the other
ROMs and put in ones with real crypto code.  I was trying to design a
mechanism that would work for stock hardware.

> The eeprom password could also be a reasonable secret if you could
> get at it.

On every Sun-3 I've seen, privileged code (kernel, bootblocks, etc) can
read it right out of the eeprom ("strings - /dev/eeprom" works nicely
from the command line).  This doesn't work on OpenProm SPARCs (I don't
know whether the PROM is willing to give out the password to the kernel
on those), but this _is_ port-sun3....

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B