
Bug#1001353: libpam-modules: common-password doesn't handle rounds parameter when using yescrypt


Brian Minton

Dec 8, 2021, 6:10:04 PM
Package: libpam-modules
Version: 1.4.0-10
Severity: normal

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


In /etc/pam.d/common-password I have the following:
password [success=1 default=ignore] pam_unix.so obscure yescrypt rounds=2097152

I've experimented with various values of the rounds parameter, but no value I
can put in produces a difference in the shadow file, or in the time to hash a
password. According to the documentation for the yescrypt algorithm, the N
parameter must be a power of two.

Here's an example:

with rounds=524288
bminton:$y$j9T$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:18969:0:99999:7:::

and with rounds=16777216
bminton:$y$j9T$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:18969:0:99999:7:::

Note that the parameters section of the modular crypt entry, j9T is the same in
both cases. I've also confirmed that when using sha256, sha512, or blowfish
(for bcrypt) options, the shadow file contains the correct rounds parameter.
It's also worth noting that with sha256 or sha512, the rounds parameter is the
actual number of rounds, while with blowfish the rounds parameter is raised to
the power of 2. I've tried both sizes of integers for yescrypt but haven't
ever seen any change in the output.


-- System Information:
Debian Release: 11.1
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'stable-security'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-9-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libpam-modules depends on:
ii debconf [debconf-2.0] 1.5.77
ii libaudit1 1:3.0-2
ii libc6 2.32-5
ii libcrypt1 1:4.4.18-4
ii libdb5.3 5.3.28+dfsg1-0.8
ii libnsl2 1.3.0-2
ii libpam-modules-bin 1.4.0-10
ii libpam0g 1.4.0-9+deb11u1
ii libselinux1 3.1-3
ii libtirpc3 1.3.1-1

libpam-modules recommends no packages.

libpam-modules suggests no packages.

-- debconf information:
libpam-modules/profiles-disabled:
* libpam-modules/disable-screensaver:
libpam-modules/deprecate-tally:


-----BEGIN PGP SIGNATURE-----

iHUEAREIAB0WIQT5xLt2Dng/DewQpoprjrOgZc+6qQUCYbE4uAAKCRBrjrOgZc+6
qZPNAP9uA/ML3jPJ2Dqc3Gj59zlM7rlPI7sLD5JAvt1JPS0JKAD7BXO5ngx5wwUv
Rgq202b3p7pfLAf+DlhvSoZLNlXiX9k=
=45LD
-----END PGP SIGNATURE-----

Brian Minton

Mar 22, 2022, 11:30:04 AM
Package: libpam-modules
Version: 1.4.0-11
Followup-For: Bug #1001353

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


After some additional testing (the mkpasswd utility was helpful as well), I
discovered that settings of the rounds parameter from 1 to 11 actually do make
a difference for the shadow file. With rounds=11 I got the following:

bminton:$y$jFT$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:19073:0:99999:7:::

That hash actually took about half a second to calculate:
time echo 'asdf
asdf'|passwd bminton
New password: Retype new password: passwd: password updated successfully

real 0m0.637s
user 0m0.535s
sys 0m0.088s


So, I propose that this is a documentation issue. The valid range of the
rounds parameter should be documented.


-- System Information:
Debian Release: bookworm/sid
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'stable-security'), (400, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-11-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libpam-modules depends on:
ii debconf [debconf-2.0] 1.5.79
ii libaudit1 1:3.0.6-1+b1
ii libc6 2.33-7
ii libcrypt1 1:4.4.27-1.1
ii libdb5.3 5.3.28+dfsg1-0.8
ii libnsl2 1.3.0-2
ii libpam-modules-bin 1.4.0-11
ii libpam0g 1.4.0-11
ii libselinux1 3.3-1+b1
ii libtirpc3 1.3.2-2

libpam-modules recommends no packages.

libpam-modules suggests no packages.

-- debconf information:
libpam-modules/deprecate-tally:
libpam-modules/profiles-disabled:
* libpam-modules/disable-screensaver:

-----BEGIN PGP SIGNATURE-----

iHUEAREIAB0WIQT5xLt2Dng/DewQpoprjrOgZc+6qQUCYjnqTQAKCRBrjrOgZc+6
qSeUAP9l7LdaNHwUTGKkCA5gG1ldDFURkaUo66Q0YgucQdHu1AD7B+olID3isq8V
QBUdvzUhpo3v1aM3cB5yQqdvqvJiJSk=
=H6Y2
-----END PGP SIGNATURE-----
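The two messages above hinge on what the "j9T" / "jFT" field after "$y$" actually encodes: for sha256/sha512 the rounds option is the literal iteration count, for blowfish it is a log2 cost, and for yescrypt the 1..11 value the second message found is a cost index that libxcrypt maps onto yescrypt's N and r before encoding them into that field. The decoder below is an added example for this thread, not code from the reporter, pam_unix or libxcrypt. It follows yescrypt's parameter encoding as I understand it from yescrypt-common.c (itoa64 alphabet "./0-9A-Za-z", the variable-length encode64_uint32 integer scheme, flavor = YESCRYPT_RW + (flags >> 2), and a bitmask announcing optional p/t/g values); check it against the yescrypt source before depending on it. The shadow lines are constructed in the shape of the report's entries with made-up users (alice, bob, carol) and masked salt/hash; the memory figure assumes yescrypt's usual N blocks of 128*r bytes. On the page's hashes it shows that j9T is N=2^12, r=32 (16 MiB) and jFT is N=2^18, r=32 (1 GiB), which is consistent with N = 2^(rounds+7) if the default cost is 5, an assumption I have not verified against libxcrypt here.

```python
#!/usr/bin/env python3
"""Decode the parameter field of a "$y$" (yescrypt) shadow hash.

Added example for this bug thread, not code from the reporter or from
libxcrypt/pam_unix. Decoding follows yescrypt's parameter encoding as I
understand it (assumption: verify against yescrypt-common.c).
"""
import re

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
ATOI64 = {c: i for i, c in enumerate(ITOA64)}

YESCRYPT_RW = 0x002
# RW | ROUNDS_6 | GATHER_4 | SIMPLE_2 | SBOX_12K: the "$y$" default flavor.
YESCRYPT_DEFAULTS = 0x0B6


def encode64_uint32(value, minimum):
    """yescrypt's variable-length integer encoding (1..6 itoa64 chars)."""
    if value < minimum:
        raise ValueError("value below encodable minimum")
    value -= minimum
    start, end, chars, bits = 0, 47, 1, 0
    while value >= (end + 1 - start) << bits:       # move to the next size class
        value -= (end + 1 - start) << bits
        start, end = end + 1, end + 1 + (62 - end) // 2
        chars += 1
        bits += 6
        if start > 63:
            raise ValueError("value too large for encode64_uint32")
    out = ITOA64[start + (value >> bits)]          # first char selects the class
    for _ in range(chars - 1):                      # then 6 bits per char
        bits -= 6
        out += ITOA64[(value >> bits) & 0x3F]
    return out


def decode64_uint32(s, pos, minimum):
    """Inverse of encode64_uint32; returns (value, position after it)."""
    try:
        c = ATOI64[s[pos]]
    except (KeyError, IndexError):
        raise ValueError(f"bad itoa64 character at offset {pos}") from None
    pos += 1
    start, end, chars, bits = 0, 47, 1, 0
    value = minimum
    while c > end:                                  # skip the smaller classes
        value += (end + 1 - start) << bits
        start, end = end + 1, end + 1 + (62 - end) // 2
        chars += 1
        bits += 6
    value += (c - start) << bits
    for _ in range(chars - 1):
        try:
            c = ATOI64[s[pos]]
        except (KeyError, IndexError):
            raise ValueError("truncated encode64_uint32 value") from None
        pos += 1
        bits -= 6
        value += c << bits
    return value, pos


def flavor_to_flags(flavor):
    """Map the leading "flavor" number back to yescrypt flags."""
    if flavor < YESCRYPT_RW:                        # classic scrypt-compatible modes
        return flavor
    return YESCRYPT_RW + ((flavor - YESCRYPT_RW) << 2)


def decode_yescrypt_params(params):
    """Decode the text between "$y$" and the next "$", e.g. "j9T"."""
    flavor, pos = decode64_uint32(params, 0, 0)
    n_log2, pos = decode64_uint32(params, pos, 1)
    r, pos = decode64_uint32(params, pos, 1)
    p, t, g = 1, 0, 0
    if pos < len(params):                           # optional p/t/g/NROM, announced by a bitmask
        have, pos = decode64_uint32(params, pos, 1)
        if have & 1:
            p, pos = decode64_uint32(params, pos, 2)
        if have & 2:
            t, pos = decode64_uint32(params, pos, 1)
        if have & 4:
            g, pos = decode64_uint32(params, pos, 1)
        if have & 8:
            raise ValueError("ROM-backed (NROM) hashes are not handled here")
    if pos != len(params):
        raise ValueError("trailing characters in yescrypt parameter field")
    n = 1 << n_log2
    return {"flags": flavor_to_flags(flavor), "N_log2": n_log2, "N": n,
            "r": r, "p": p, "t": t, "g": g,
            "memory_bytes": 128 * r * n}            # N blocks of 128*r bytes


SHADOW_RE = re.compile(r"^(?P<user>[^:]+):\$y\$(?P<params>[^$]+)\$")

# Constructed lines in the shape of the report's entries (salt and hash masked
# with X as in the report); the users are made up. carol is sha512crypt and skipped.
SAMPLE_SHADOW = [
    "alice:$y$j9T$XXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:18969:0:99999:7:::",
    "bob:$y$jFT$XXXXXXXXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:19073:0:99999:7:::",
    "carol:$6$rounds=656000$XXXXXXXXXXXXXXXX$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:19073:0:99999:7:::",
]


def audit_shadow(lines, min_n_log2):
    """Return (user, N_log2) for yescrypt entries with N below 2**min_n_log2."""
    weak = []
    for line in lines:
        m = SHADOW_RE.match(line)
        if not m:
            continue
        info = decode_yescrypt_params(m.group("params"))
        if info["N_log2"] < min_n_log2:
            weak.append((m.group("user"), info["N_log2"]))
    return weak


if __name__ == "__main__":
    for line in SAMPLE_SHADOW:
        m = SHADOW_RE.match(line)
        if m:
            i = decode_yescrypt_params(m.group("params"))
            print(f"{m.group('user')}: N=2^{i['N_log2']} r={i['r']} p={i['p']} "
                  f"flags=0x{i['flags']:03x} memory={i['memory_bytes'] >> 20} MiB")
    print("entries below 2^13:", audit_shadow(SAMPLE_SHADOW, 13))
```

Running it against a real /etc/shadow (as root) is a quick way to see whether a rounds= setting in common-password took effect: an entry whose field is still j9T after a password change was hashed at the default cost, which is exactly the symptom the first message reports.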