Current-Users archive
Re: Which password cipher ?
On 12/1/10 10:05 AM, Antti Kantee wrote:
> Because the standard solution around here is to not have a solution
> and add flags and toggles and levers and knobs, i.e. outsource the
> discussion.
My original question was more rhetorical than anything else ;P
> Does sysinst even make it possible to select sha1? Yes, let's just
> drop the question from sysinst.
Yes it does; it actually offers 4 choices (last time I checked) and no
explanation whatsoever (other than the 8-char limitation of DES) as to
why you would want one or the other.
If we are to change the default, I presume the right way to do this
would be to modify the default passwd.conf file in src/etc and drop all
code that mucks with it from sysinst. See attached patch.
Index: etc/passwd.conf
===================================================================
RCS file: /cvsroot/src/etc/passwd.conf,v
retrieving revision 1.2
diff -u -p -r1.2 passwd.conf
--- etc/passwd.conf 15 Apr 2002 07:48:00 -0000 1.2
+++ etc/passwd.conf 1 Dec 2010 11:06:49 -0000
@@ -4,6 +4,6 @@
# password configuration file
#
-#default:
-# localcipher = md5
-# ypcipher = old
+default:
+ localcipher = sha1
+ ypcipher = sha1
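Review bot: `ypcipher = sha1` changes what a NIS master generates for every new password, and the choose_crypt installer text this same patch deletes was the only place that told the admin to check what the other NIS machines on the network can verify; either leave ypcipher at its previous default so NIS sites opt in deliberately, or carry that caveat into passwd.conf(5) next to the new default.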
Index: distrib/utils/sysinst/defs.h
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/defs.h,v
retrieving revision 1.148
diff -u -p -r1.148 defs.h
--- distrib/utils/sysinst/defs.h 27 Jan 2010 11:02:03 -0000 1.148
+++ distrib/utils/sysinst/defs.h 1 Dec 2010 11:06:49 -0000
@@ -409,7 +409,6 @@ unsigned int set_X11_selected(void);
int get_and_unpack_sets(int, msg, msg, msg);
int sanity_check(void);
int set_timezone(void);
-void set_crypt_type(void);
int set_root_password(void);
int set_root_shell(void);
void scripting_fprintf(FILE *, const char *, ...);
Index: distrib/utils/sysinst/install.c
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/install.c,v
retrieving revision 1.43
diff -u -p -r1.43 install.c
--- distrib/utils/sysinst/install.c 19 Sep 2009 14:57:27 -0000 1.43
+++ distrib/utils/sysinst/install.c 1 Dec 2010 11:06:49 -0000
@@ -123,8 +123,6 @@ do_install(void)
set_timezone();
- set_crypt_type();
-
set_root_password();
set_root_shell();
Index: distrib/utils/sysinst/menus.mi
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/menus.mi,v
retrieving revision 1.38
diff -u -p -r1.38 menus.mi
--- distrib/utils/sysinst/menus.mi 30 Mar 2010 20:09:25 -0000 1.38
+++ distrib/utils/sysinst/menus.mi 1 Dec 2010 11:06:49 -0000
@@ -293,13 +293,6 @@ menu fdok, title MSG_What_do_you_want_to
option MSG_Set_finished, exit, action { *(int *)arg = SET_OK; };
option MSG_Abort_fetch, exit, action { *(int *)arg = SET_RETRY; };
-menu crypttype, title MSG_Password_cipher, y=15;
- option MSG_SHA1, exit, action { yesno = 4; };
- option MSG_DES, exit, action { yesno = 1; };
- option MSG_MD5, exit, action { yesno = 2; };
- option MSG_Blowfish_2_7_round, exit, action { yesno = 3; };
- option MSG_do_not_change, exit, action { yesno = 0; };
-
menu fd_type, title MSG_fd_type, y=16;
option "msdos", exit, action { fd_type = "msdos"; };
option "ffs", exit, action { fd_type = "ffs"; };
Index: distrib/utils/sysinst/msg.mi.de
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/msg.mi.de,v
retrieving revision 1.52
diff -u -p -r1.52 msg.mi.de
--- distrib/utils/sysinst/msg.mi.de 30 Mar 2010 20:09:25 -0000 1.52
+++ distrib/utils/sysinst/msg.mi.de 1 Dec 2010 11:06:49 -0000
@@ -890,22 +890,6 @@ die Taste 'x' gefolgt von der Eingabetas
message tz_back
{ Zurück zum Zeitzonenmenü.}
-message choose_crypt
-{Bitte wählen Sie den gewünschten Ver-/Entschlüsselungsalgorithmus (Cipher)
-für Benutzerpassworte. NetBSD kann DES, MD5, Blowfish oder SHA1 benutzen.
-
-Das traditionelle DES-System ist mit den meisten anderen UNIX-ähnlichen
-Betriebssystemen kompatibel, allerdings werden nur die ersten 8 Zeichen eines
-jeden Passworts berücksichtigt. Das MD5, Blowfish und SHA1 System erlaubt
-längere Passwörter, was unter Umständen als sicherer interpretiert werden kann.
-
-Wenn Sie ein Netzwerk haben und planen, NIS zu nutzen, berücksichtigen
-Sie hier bitte auch die Möglichkeiten der anderen Maschinen im Netzwerk.
-
-Wenn Sie NetBSD aktualisieren und die bestehende Konfiguration nicht
-verändern möchten, so wählen Sie "Beibehalten".
-}
-
message swapactive
{Das Laufwerk, das Sie ausgewählt haben, verfügt über eine Swappartition, die
gegenwärtig auch benutzt wird.
@@ -998,12 +982,6 @@ message Skip_set {Paket überspringen}
message Skip_group {Paketgruppe überspringen}
message Abandon {Installation abbrechen}
message Abort_fetch {Holen abbrechen}
-message Password_cipher {Passwort Verschlüsselungsverfahren}
-message DES {DES}
-message MD5 {MD5}
-message Blowfish_2_7_round {Blowfish mit 2^7 Wiederholungen}
-message SHA1 {SHA1}
-message do_not_change {Beibehalten}
message Device {Gerät}
message File_system {Dateisystem}
message Select_IPv6_DNS_server { Auswählen eines IPv6 DNS Servers}
Index: distrib/utils/sysinst/msg.mi.en
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/msg.mi.en,v
retrieving revision 1.160
diff -u -p -r1.160 msg.mi.en
--- distrib/utils/sysinst/msg.mi.en 30 Mar 2010 20:09:25 -0000 1.160
+++ distrib/utils/sysinst/msg.mi.en 1 Dec 2010 11:06:50 -0000
@@ -831,22 +831,6 @@ Press 'x' followed by RETURN to quit the
message tz_back
{ Back to main timezone list}
-message choose_crypt
-{Please choose the password cipher to use. NetBSD can be configured to use
-either the DES, MD5, Blowfish or SHA1 schemes.
-
-The traditional DES scheme is compatible with most other Unix-like operating
-systems, but only the first 8 characters of any password will be recognised.
-The MD5, Blowfish and SHA1 schemes allow for longer passwords, and some would
-argue that it's more secure.
-
-If you have a network and intend to use NIS, please bear in mind the
-capabilities of other machines on your network.
-
-If you are upgrading and would like to keep configuration unchanged,
-choose the last option "do not change".
-}
-
message swapactive
{The disk that you selected has a swap partition that may currently be
in use if your system is low on memory. Because you are going to
@@ -940,12 +924,6 @@ message Skip_set {Skip set}
message Skip_group {Skip set group}
message Abandon {Abandon installation}
message Abort_fetch {Abort fetch}
-message Password_cipher {Password cipher}
-message DES {DES}
-message MD5 {MD5}
-message Blowfish_2_7_round {Blowfish 2^7 round}
-message SHA1 {SHA1}
-message do_not_change {do not change}
message Device {Device}
message File_system {File system}
message Select_IPv6_DNS_server { Select IPv6 DNS server}
Index: distrib/utils/sysinst/msg.mi.es
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/msg.mi.es,v
retrieving revision 1.29
diff -u -p -r1.29 msg.mi.es
--- distrib/utils/sysinst/msg.mi.es 30 Mar 2010 20:09:25 -0000 1.29
+++ distrib/utils/sysinst/msg.mi.es 1 Dec 2010 11:06:50 -0000
@@ -855,23 +855,6 @@ zona horaria.
message tz_back
{ Volver a la lista principal de zonas horarias}
-message choose_crypt
-{Por favor, seleccione el algoritmo de cifrado de contraseñas a usar.
-NetBSD puede ser configurado para usar los esquemas DES, MD5 o Blowfish.
-
-El esquema tradicional DES es compatible con la mayoría de los demás
-sistemas operativos de tipo Unix, pero sólo se reconocerán los primeros 8
-carácteres de cualquier contraseña.
-Los esquemas MD5 y Blowfish permiten contraseñas más largas, y algunos
-aseguran que es más seguro.
-
-Si tiene una red y pretende usar NIS, por favor considere las capacidades
-de otras máquinas en su red.
-
-Si está actualizando y le gustaria mantener la configuración sin cambios,
-escoja la última opción «no cambiar».
-}
-
message swapactive
{El disco que ha seleccionado tiene una partición de intercambio (swap) que
puede que esté en uso actualmente si su sistema tiene poca memoria. Como
@@ -966,12 +949,6 @@ message Skip_set {Omitir conjunto}
message Skip_group {Omitir grupo de conjuntos}
message Abandon {Abandonar instalación}
message Abort_fetch {Abortar lectura}
-message Password_cipher {Cifrado de las contraseñas}
-message DES {DES}
-message MD5 {MD5}
-message Blowfish_2_7_round {Blowfish 2^7 round}
-message SHA1 {SHA1}
-message do_not_change {no cambiar}
message Device {Dispositivo}
message File_system {Sistema de archivos}
message Select_IPv6_DNS_server { Seleccione servidor DNS de IPv6}
Index: distrib/utils/sysinst/msg.mi.fr
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/msg.mi.fr,v
retrieving revision 1.110
diff -u -p -r1.110 msg.mi.fr
--- distrib/utils/sysinst/msg.mi.fr 30 Mar 2010 20:09:25 -0000 1.110
+++ distrib/utils/sysinst/msg.mi.fr 1 Dec 2010 11:06:50 -0000
@@ -912,23 +912,6 @@ Appuyez sur "x" puis Entrée pour valider
message tz_back
{ Retour à la liste principale des fuseaux horaires}
-message choose_crypt
-{
-Veuillez sélectionner le type de hachage des mots de passe.
-NetBSD supporte DES, MD5, Blowfish et SHA1.
-
-DES est compatible avec la plupart des systèmes de type Unix mais ne
-permet pas d'utiliser plus de huit caractères pour les mots de passe.
-MD5, Blowfish et SHA1 permettent d'utiliser des mots de passe plus longs,
-ce qui peut être plus sécurisé.
-
-Si votre réseau comporte NIS, veuillez vérifier la capacité des
-autres machines composant ce dernier.
-
-Si vous effectuez une mise à jour et que vous souhaitez conserver la
-configuration déjà existante, veuillez choisir "Ne rien changer".
-}
-
message swapactive
{
Le disque sélectionné dispose d'une partition d'échange (swap) qui
@@ -1032,12 +1015,6 @@ message Skip_set {Sauter cet ensemble}
message Skip_group {Sauter ce groupe}
message Abandon {Abandonner l'installation}
message Abort_fetch {Annuler la récupération}
-message Password_cipher {Chiffrement du mot de passe}
-message DES {DES}
-message MD5 {MD5}
-message Blowfish_2_7_round {Blowfish à 2^7 rondes}
-message SHA1 {SHA1}
-message do_not_change {ne rien changer}
message Device {Périphérique}
message File_system {Système de fichiers}
message Select_IPv6_DNS_server { Choisissez un serveur de noms IPv6 :}
Index: distrib/utils/sysinst/msg.mi.pl
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/msg.mi.pl,v
retrieving revision 1.68
diff -u -p -r1.68 msg.mi.pl
--- distrib/utils/sysinst/msg.mi.pl 30 Mar 2010 20:09:25 -0000 1.68
+++ distrib/utils/sysinst/msg.mi.pl 1 Dec 2010 11:06:50 -0000
@@ -828,22 +828,6 @@ Nacisnij 'x' a potem ENTER aby wyjsc.
message tz_back
{Powroc do glownej listy stref}
-message choose_crypt
-{Wybierz sposob szyfrowania hasel, ktorego chcesz uzywac. NetBSD moze korzystac
-z DES, MD5 lub Blowfish.
-
-Tradycyjna metoda DES jest kompatybilna z wiekszoscia unixowych systemow
-operacyjnych, ale wtedy tylko 8 pierwszych znakow w hasle jest rozpoznawanych.
-Metody MD5 oraz Blowfish umozliwiaja dluzsze hasla, niektorzy uwazaja to za
-bardziej bezpieczne.
-
-Jesli posiadasz siec oraz zamierasz korzystac z NIS, pamietaj o mozliwosciach
-maszyn w twojej sieci i wynikajacych stad ograniczeniach.
-
-Jezeli uaktualniasz swoj system i nie chcesz, aby zostaly dokonane zmiany w
-konfiguracji, wybierz ostatnia opcje "nie zmieniaj".
-}
-
message swapactive
{Dysk, ktory wybrales posiada partycje wymiany, ktora moze byc aktualnie
w uzyciu jesli twoj system ma malo pamieci. Poniewaz chcesz zmienic uklad
@@ -933,12 +917,6 @@ message Skip_set {Pomin pakiet}
message Skip_group {Pomin grupe pakietow}
message Abandon {Przerwij instalacje}
message Abort_fetch {Przerwij pobieranie}
-message Password_cipher {Kodowanie hasel}
-message DES {DES}
-message MD5 {MD5}
-message Blowfish_2_7_round {Blowfish 2^7 round}
-message SHA1 {SHA1}
-message do_not_change {nie zmieniaj}
message Device {Urzadzenie}
message File_system {SystemPlikow}
message Select_IPv6_DNS_server { Wybierz serwer nazw IPv6}
Index: distrib/utils/sysinst/util.c
===================================================================
RCS file: /cvsroot/src/distrib/utils/sysinst/util.c,v
retrieving revision 1.165
diff -u -p -r1.165 util.c
--- distrib/utils/sysinst/util.c 5 Apr 2010 22:53:02 -0000 1.165
+++ distrib/utils/sysinst/util.c 1 Dec 2010 11:06:50 -0000
@@ -1354,41 +1354,6 @@ done:
return 1;
}
-static
-void
-replace_crypt_type(const char *localcipher, const char *ypcipher)
-{
-
- replace("/etc/passwd.conf", "s/^.*default:.*$/default:/;"
- "s/^.*localcipher.*$/\tlocalcipher = %s/;"
- "s/^.*ypcipher.*$/\typcipher = %s/", localcipher, ypcipher);
-}
-
-void
-set_crypt_type(void)
-{
-
- msg_display(MSG_choose_crypt);
- process_menu(MENU_crypttype, NULL);
-
- switch (yesno) {
- case 0:
- break;
- case 1: /* DES */
- replace_crypt_type("old", "old");
- break;
- case 2: /* MD5 */
- replace_crypt_type("md5", "md5");
- break;
- case 3: /* blowfish 2^7 */
- replace_crypt_type("blowfish,7", "blowfish,7");
- break;
- case 4: /* sha1 */
- replace_crypt_type("sha1", "sha1");
- break;
- }
-}
-
int
set_root_password(void)
{
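Review bot: once this hunk and the menus.mi/msg.mi.* hunks apply, MSG_choose_crypt, MENU_crypttype and the MSG_DES/MSG_MD5/MSG_Blowfish_2_7_round/MSG_SHA1/MSG_do_not_change identifiers are defined nowhere, so grep the rest of sysinst for any remaining reference to them before committing, and check whether `yesno` and replace() still have other callers. This function was also the only thing that rewrote /etc/passwd.conf on an existing system, so an upgrade now keeps whatever cipher the old file configured; that is reasonable, but it belongs in the CHANGES entry.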
Index: doc/CHANGES
===================================================================
RCS file: /cvsroot/src/doc/CHANGES,v
retrieving revision 1.1464
diff -u -p -r1.1464 CHANGES
--- doc/CHANGES 28 Nov 2010 00:26:39 -0000 1.1464
+++ doc/CHANGES 1 Dec 2010 11:06:50 -0000
@@ -792,3 +792,8 @@ Changes from NetBSD 5.0 to NetBSD 6.0:
dhcpcd(8): Import dhcpcd-5.2.9. [roy 20101127]
postfix(1): Import version 2.7.2 [tron 20101127]
module: Rename <module>.prop to <module>.plist. [jnemeth 20101127]
+ passwd.conf(5): Set the default cyphers for passwords to 'sha1'.
+ [jmmv 20101201]
+ sysinst(8): Drop the question to select a password cypher algorithm
+ in favor of a saner default setting that can later be changed
+ by the user. [jmmv 20101112]
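Review bot: the sysinst entry is stamped [jmmv 20101112] while the passwd.conf entry two lines above and the diff itself are dated 20101201; make the dates agree. Also "cyphers"/"cypher" here versus "cipher" everywhere else in the patch (passwd.conf, passwd.conf.5, the removed menu text): use "cipher".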
Index: share/man/man5/passwd.conf.5
===================================================================
RCS file: /cvsroot/src/share/man/man5/passwd.conf.5,v
retrieving revision 1.9
diff -u -p -r1.9 passwd.conf.5
--- share/man/man5/passwd.conf.5 3 Oct 2009 12:45:15 -0000 1.9
+++ share/man/man5/passwd.conf.5 1 Dec 2010 11:06:50 -0000
@@ -28,7 +28,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd September 4, 2005
+.Dd December 1, 2010
.Dt PASSWD.CONF 5
.Os
.Sh NAME
@@ -57,6 +57,7 @@ Some fields and their possible values th
.Bl -tag -width localcipher
.It Sy localcipher
The cipher to use for local passwords.
+.Pp
Possible values are:
.Dq old ,
.Dq newsalt,\*[Lt]rounds\*[Gt] ,
@@ -75,9 +76,16 @@ For
.Dq blowfish
the value can be between 4 and 31.
It specifies the base 2 logarithm of the number of rounds.
+.Pp
+If not specified, the default value is
+.Dq old .
.It Sy ypcipher
The cipher to use for YP passwords.
+.Pp
The possible values are the same as for localcipher.
+.Pp
+If not specified, the default value is
+.Dq old .
.El
.Pp
To retrieve information from this file use
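Review bot: "If not specified, the default value is old" reads as the system-wide default, yet the passwd.conf hunk in this same patch ships /etc/passwd.conf with both ciphers set to sha1; state that "old" is only the fallback when the key is absent from the file, and that "old" is the traditional DES scheme which uses only the first 8 characters of the password, which is the one fact about the choice the deleted sysinst text used to give the user.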
@@ -107,3 +115,14 @@ The
.Nm
configuration file first appeared in
.Nx 1.6 .
+.Pp
+The default values of
+.Sy localcypher
+and
+.Sy ypcipher
+were set to
+.Dq sha1
+in
+.Pa /etc/passwd.conf
+starting from
+.Nx 6.0 .
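Review bot: `.Sy localcypher` is a typo for `.Sy localcipher`; it does not match the field name documented earlier in the same page or the key in /etc/passwd.conf, so a reader searching the manual for the setting will miss this paragraph.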