[RFE] replace crypt() hash algorithm

Hi,

Currently in use is MD5, broken and insecure. It should be replaced by SHA-512 or Blowfish(bcrypt): https://en.wikipedia.org/wiki/Crypt_(C)#Support_in_operating_systems

EDIT: it looks like Blowfish(bcrypt) is not supported by BusyBox passwd command.

Thanks,

1 Like

More discussion:

I remember posing this question before. The suggestion was NACKed. Don’t remember why.

Wikipedia…Support of something is one thing and using it is another.
We need to first establish where and what use MD5 to begin with!


CONFIG_CRYPTO_CRC32=y
CONFIG_CRYPTO_CRC32C=y
CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC=y
CONFIG_CRYPTO_LIB_POLY1305_RSIZE=2
# CONFIG_CRYPTO_MD5_OCTEON is not set
CONFIG_CRYPTO_RNG2=y
# CONFIG_CRYPTO_SHA1_OCTEON is not set
# CONFIG_CRYPTO_SHA256_OCTEON is not set
# CONFIG_CRYPTO_SHA512_OCTEON is not set

If I look in kernel config for Octeon is is turned off. Mvebu, Realtek and Ath79 I don’t even find any kernel crypto config.

So is it turned off by default in upstream Kernel?

But then as far as Dropbear question then we come to the subject of what specific crypto hash different packages use. But that isn’t really OpenWrt.

For Luci it is OpenSSL, WolfSSL or mbedTLS that is controlling the crypto solution.

Regarding the /etc/shadow file, only /bin/passwd (busybox) and libc(musl) are involved:

# passwd --help
BusyBox v1.36.1 (2023-11-16 11:38:18 UTC) multi-call binary.

Usage: passwd [-a ALG] [-dlu] [USER]

Change USER's password (default: current user)

        -a ALG  des,md5,sha256/512 (default md5)
        -d      Set password to ''
        -l      Lock (disable) account
        -u      Unlock (enable) account

# ldd  /bin/passwd
        /lib/ld-musl-mips-sf.so.1 (0x77d5c000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d2a000)
        libc.so => /lib/ld-musl-mips-sf.so.1 (0x77d5c000)

Uhhh kernel crypto has nothing to do with user space stuff

I changed the hash, from md5 (default) to sha512, for a new "nada" user . [SNAPSHOT, r24414-255d5c9bf8 (TP-Link Archer C7 v5)] and it works flawlessly:

/etc/shadow [ md5 (default) vs sha512 ]:
nada:$1$ulJHAsd1$KE.KvSiTGCNjCRZb0XW6b0:19681:0:99999:7:::
nada:$6$/3jpIdcdRvzitle6$Vu6/KSzgai1gI0tgbv3edeHo4s/QPzFjDV.8wH77k5WBF.gD4lMaexBFy/pSRNmcVooJ4CUZYLGBqG.Qvwqi/.:19681:0:99999:7:::

logging speed is the same, at least for this hardware.

1 Like

sha512crypt is recommended by hashcat's author, at it is very annoying to speed up for GPUs. bcrypt is probably overkill for embedded hardware.

There is a catch for sysupgrades, e.g. Debian recently removed for some older password hashes - which was not exactly fun to deal with.

Just checked this. Requires removing https://github.com/openwrt/openwrt/blob/main/toolchain/musl/patches/901-crypt_size_hack.patch AFAIK.

edit: nvm. Busybox implements crypto by itself instead of relying on libc.

DONE:

See ml thread ( [Are we still use md5 as default as password hash?] ) : http://lists.openwrt.org/pipermail/openwrt-devel/2024-January/thread.html#42111

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.