subiquity

missing yescrypt security hardening feature

Bug #2037742 reported by Mark Esler on 2023-09-29

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	subiquity	New	Undecided	Unassigned

Bug Description

Johan Hortling reported a missing security hardening feature in Ubuntu Server.

The subiquity installer for Ubuntu Server uses sha-512 instead of yescrypt to hash the users password. After installation, passwd uses yescrypt.

Tags:

Dan Bungert (dbungert) on 2023-09-29

tags:

added: foundations-todo

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2023-10-03:

The annoying part of this is that it is not very easy at all to either (1) hash a password as passwd would do it (by using pam apis) or (2) figure out what algorithm pam is using to hash passwords (it's in /etc/pam.d/common-password but not in a very friendly way).

Revision history for this message

Dan Bungert (dbungert) wrote on 2023-10-03:

If looking up the default is sufficiently ugly I propose we just hardcode it to yescrypt and check in CI that `useradd ; passwd` or whatever actually uses the algorithm we expect. We won't be happy the day the CI check fails but at least we'll know promptly.

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2023-10-03:

Yeah that makes sense I guess. Also the other issue is that I don't think we can easily access yescrypt from Python! I think that would be a very simple C wrapper around libcrypt.so though.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.