Re: Configuration file with sensitive data (password)
ERSEK Laszlo wrote:
> On Sun, 15 Nov 2009, Nicolas Alvarez wrote:
>> But where to put the password?
>> Due to the protocol used during authentication, the daemon needs the
>> password in plaintext form, it can't be a hash (remote client sends "I
>> want to auth", daemon sends nonce, remote client hashes password and
>> nonce, daemon compares hashes).
> The image stored on the server should rather be (salt, H(salt + pass)), in
> a world-readable plaintext file.
> 1. client sends auth request
> 2. daemon sends (nonce, salt)
> 3. client sends H(nonce + H(salt + pass))
> I'm not saying this is secure or anything, but it might be a bit less
> insecure. The nonce should protect against replay attacks, and the salt
> against precomputed password-hash tables.
I don't have the choice of changing the protocol. Clients doing
md5(nonce+passwd) have been in the wild for a few years now.
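The two exchanges discussed in this thread, as an added example that is not code from the thread or its project: the deployed md5(nonce+passwd) scheme beside the proposed (salt, H(salt+pass)) variant, plus a check showing that under the variant the stored image alone is enough to answer a challenge, so the file holding it is still a password-equivalent secret. The password, salt and nonce values are constructed; MD5 is used because the thread says the deployed clients compute md5(nonce+passwd).

```python
import hashlib
import hmac
import os


def h(data: bytes) -> bytes:
    """MD5, matching what the thread says the deployed clients use."""
    return hashlib.md5(data).digest()


# --- Deployed protocol: the daemon must hold the plaintext password ---
def legacy_response(nonce: bytes, password: bytes) -> bytes:
    """Client side: H(nonce + password)."""
    return h(nonce + password)


def legacy_verify(stored_plaintext: bytes, nonce: bytes, response: bytes) -> bool:
    """Daemon side: recompute from the plaintext password and compare."""
    return hmac.compare_digest(h(nonce + stored_plaintext), response)


# --- Proposed variant: the daemon stores (salt, H(salt + password)) ---
def enroll(password: bytes, salt: bytes = b"") -> tuple:
    """Build the stored image; a fixed salt may be passed for reproducible tests."""
    salt = salt or os.urandom(16)
    return salt, h(salt + password)


def proposed_response(nonce: bytes, salt: bytes, password: bytes) -> bytes:
    """Client side: H(nonce + H(salt + password)), given (nonce, salt) from the daemon."""
    return h(nonce + h(salt + password))


def proposed_verify(stored: tuple, nonce: bytes, response: bytes) -> bool:
    """Daemon side: only the stored image is needed to check the response."""
    _salt, image = stored
    return hmac.compare_digest(h(nonce + image), response)


def response_from_stored_image(nonce: bytes, image: bytes) -> bytes:
    """Anyone who can read the stored image can produce a valid response
    without knowing the password, which is why the file stays sensitive."""
    return h(nonce + image)


if __name__ == "__main__":
    pw, nonce = b"hunter2", os.urandom(8)          # constructed values
    stored = enroll(pw)
    print("legacy ok:", legacy_verify(pw, nonce, legacy_response(nonce, pw)))
    print("variant ok:", proposed_verify(stored, nonce, proposed_response(nonce, stored[0], pw)))
    print("image alone ok:", proposed_verify(stored, nonce, response_from_stored_image(nonce, stored[1])))
```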