Bug 42103 - root password is hashed with MD5
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: PAM
UCS 4.1
Other Linux
: P5 normal
: UCS 4.1-3-errata
Assigned To: Florian Best
Stefan Gohmann
Depends on:
Blocks:
Reported: 2016-08-23 22:59 CEST by Michael Grandjean
Modified: 2016-10-20 12:40 CEST (History)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): API change, Security
Max CVSS v3 score:


Attachments
Replace md5 with sha512, remove nullok, min, max (889 bytes, patch)
2016-08-23 23:02 CEST, Michael Grandjean

Description Michael Grandjean univentionstaff 2016-08-23 22:59:38 CEST
UCS 4.1-3 errata 237

Expected behaviour:
The UCRV "password/hashing/method" specifies "SHA-512" as default hashing method for all passwords.

Observed behaviour:
"password/hashing/method" is only valid for LDAP users. For local users (such as "root") we still use MD5 (or md5crypt iirc):

> root@ucs-2920:~# less /etc/shadow | grep root
> root:$1$F5qxj2Hh$kVYT3gvF2GFpC3CGAFAAQ/:17036:0:99999:7:::

"$1$" indicates MD5 / md5crypt as hashing method.

Possible solution:
AFAIK /etc/pam.d/common-password is responsible for this:
> password        [success=2 default=ignore]      pam_unix.so nullok obscure md5 min=4 max=32 try_first_pass use_authtok

We should replace 'md5' with 'sha512'.
I also think we should remove 'nullok', because empty root passwords don't seem acceptable to me. The 'min' and 'max' settings seem outdated as they have no effect: I can ignore the warnings and set a root password with only 1 character (or one with 35 characters) nevertheless.

The default Debian Wheezy config uses this:
> password        [success=2 default=ignore]      pam_unix.so obscure use_authtok try_first_pass sha512
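The two checks the report does by hand (reading the "$1$" prefix out of /etc/shadow and spotting "md5", "nullok" and the bogus "min"/"max" options on the pam_unix line) can be scripted as an audit. The following is an added example written for this page; it is not part of UCS, the attached patch, or any Univention package. The root shadow line and the two pam_unix lines are the ones quoted above; the remaining shadow entries and the `$6$` hash value are constructed, and the scheme table follows crypt(5) (`$1$` md5crypt, `$5$` sha256crypt, `$6$` sha512crypt, no prefix means traditional DES).

```python
"""Audit /etc/shadow hash schemes and pam_unix password-stack options.

Added example for this bug report, not code from UCS or the attached
patch. File contents are passed in as strings so it runs offline on the
constructed samples at the bottom.
"""
import re
from typing import List, NamedTuple, Optional

# crypt(3) id -> scheme name, per crypt(5). A field without a '$' prefix is
# traditional DES crypt, which silently truncates passwords to 8 characters.
CRYPT_SCHEMES = {
    "1": "md5crypt",
    "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
    "5": "sha256crypt",
    "6": "sha512crypt",
    "y": "yescrypt",
}
# Schemes a defender should flag: DES and MD5 are obsolete; an empty field
# is a blank password, which pam_unix only accepts when 'nullok' is set.
WEAK_SCHEMES = {"des", "md5crypt", "empty"}


class ShadowEntry(NamedTuple):
    user: str
    scheme: str
    weak: bool


def classify_hash(field: str) -> str:
    """Name the scheme of a password field (2nd field of /etc/shadow)."""
    if field == "":
        return "empty"      # blank password
    if field[0] in "!*":
        return "locked"     # no usable hash, password login disabled
    m = re.match(r"^\$([^$]+)\$", field)
    if not m:
        return "des"        # 13-char traditional crypt
    return CRYPT_SCHEMES.get(m.group(1), "unknown($%s$)" % m.group(1))


def parse_shadow_line(line: str) -> Optional[ShadowEntry]:
    parts = line.rstrip("\n").split(":")
    if len(parts) < 2 or not parts[0]:
        return None
    scheme = classify_hash(parts[1])
    return ShadowEntry(parts[0], scheme, scheme in WEAK_SCHEMES)


def weak_shadow_entries(shadow_text: str) -> List[ShadowEntry]:
    entries = (parse_shadow_line(l) for l in shadow_text.splitlines())
    return [e for e in entries if e is not None and e.weak]


# "password <control> pam_unix.so <options>"; the control may be a [...] block.
PAM_UNIX_PASSWORD = re.compile(
    r"^\s*password\s+(?:\[[^\]]*\]|\S+)\s+pam_unix\.so\b(.*)$")
HASH_OPTIONS = {"md5", "bigcrypt", "sha256", "sha512", "blowfish",
                "yescrypt", "gost_yescrypt"}
WEAK_HASH_OPTIONS = {"md5", "bigcrypt"}


def audit_pam_unix_password(line: str) -> List[str]:
    """Findings for one pam_unix line of the password stack; [] if clean."""
    m = PAM_UNIX_PASSWORD.match(line)
    if not m:
        return []                      # not a pam_unix password line
    opts = m.group(1).split()
    findings = []
    chosen = HASH_OPTIONS.intersection(opts)
    if chosen & WEAK_HASH_OPTIONS:
        findings.append("weak hash option(s) %s selected for new passwords"
                        % sorted(chosen & WEAK_HASH_OPTIONS))
    elif not chosen:
        findings.append("no hash option given; relies on the pam_unix default")
    if "nullok" in opts:
        findings.append("nullok: accounts with an empty password may use the service")
    bogus = [o for o in opts if o.split("=")[0] in ("min", "max")]
    if bogus:
        findings.append("unknown options %s (pam_unix knows minlen=N)" % bogus)
    return findings


# Constructed samples. The root line and both pam lines are quoted from the
# bug report; the other shadow entries and the $6$ hash are made up.
SAMPLE_SHADOW = """\
root:$1$F5qxj2Hh$kVYT3gvF2GFpC3CGAFAAQ/:17036:0:99999:7:::
daemon:*:17036:0:99999:7:::
backup::17036:0:99999:7:::
admin:$6$constructedsalt$constructedhashvalue:17036:0:99999:7:::
"""
UCS_LINE = ("password        [success=2 default=ignore]      pam_unix.so "
            "nullok obscure md5 min=4 max=32 try_first_pass use_authtok")
DEBIAN_LINE = ("password        [success=2 default=ignore]      pam_unix.so "
               "obscure use_authtok try_first_pass sha512")

if __name__ == "__main__":
    for e in weak_shadow_entries(SAMPLE_SHADOW):
        print("%-8s %s" % (e.user, e.scheme))
    for name, line in (("UCS", UCS_LINE), ("Debian", DEBIAN_LINE)):
        print(name, audit_pam_unix_password(line) or ["OK"])
```

Run against real files, the shadow part only needs read access to /etc/shadow (root) and the pam part can be pointed at every file `grep -l pam_unix /etc/pam.d/*` returns, since a stack that is fixed in common-password but still says `md5` in a service-specific file will keep producing `$1$` hashes for that service.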
Comment 1 Michael Grandjean univentionstaff 2016-08-23 23:02:14 CEST
Created attachment 7919 [details]
Replace md5 with sha512, remove nullok, min, max
Comment 2 Florian Best univentionstaff 2016-08-24 11:57:30 CEST
On my UCS 4.1 system my root password is not hashed with MD5 but with SHA-512. Which tool did you use to change the root password?
Comment 3 Florian Best univentionstaff 2016-08-24 12:01:50 CEST
(In reply to Florian Best from comment #2)
> On my UCS 4.1 system my root password is not hashed with MD5 but with
> SHA-512. Which tool did you use to change the root password?
Ah okay, I could reproduce this with the following python script:

import PAM                                    # PyPAM binding for Linux-PAM
auth = PAM.pam()
auth.start('univention-management-console')   # use the UMC service's PAM stack
auth.chauthtok()                              # runs the password stack, i.e. pam_unix with 'md5'
Comment 4 Florian Best univentionstaff 2016-10-14 14:01:36 CEST
All relevant pam configuration files:
grep -l pam_unix $(find $(find -name pam.d -type d) -type f)

* Removed the min and max parameters as they don't exist (/aren't documented). Default minlen is 6.
* Changed MD5 to SHA512
* Removed nullok

From pam_unix manpage:
nullok: The default action of this module is to not permit the user access to a service if their official password is blank. The nullok argument overrides this default and allows any user with a blank password to access the service.

So after this change it's not possible to change the password anymore if it is empty. I don't know which side effects this can have. We will see tomorrow if the Jenkins tests fail if e.g. system-setup tries to use this when initially setting the password for root. Michael/the security auditors want this change. It's also the Debian default.

univention-ldap (12.1.6-40):
r73236 | Bug #42103: enhance pam_unix password change configuration
r73235 | Bug #42103: enhance pam_unix password change configuration

univention-ldap.yaml:
r73236 | Bug #42103: enhance pam_unix password change configuration

univention-pam (9.0.0-7):
r73236 | Bug #42103: enhance pam_unix password change configuration
r73235 | Bug #42103: enhance pam_unix password change configuration

univention-management-console (8.0.28-19):
r73236 | Bug #42103: enhance pam_unix password change configuration
r73235 | Bug #42103: enhance pam_unix password change configuration

univention-pam.yaml:
r73236 | Bug #42103: enhance pam_unix password change configuration

univention-management-console.yaml:
r73236 | Bug #42103: enhance pam_unix password change configuration

Merge to UCS 4.2:
univention-ldap (13.0.0-11):
r73238 | Bug #42103: enhance pam_unix password change configuration
r73237 | Bug #42103: enhance pam_unix password change configuration

univention-management-console (9.0.12-24):
r73238 | Bug #42103: enhance pam_unix password change configuration
r73237 | Bug #42103: enhance pam_unix password change configuration

univention-pam (10.0.0-2):
r73238 | Bug #42103: enhance pam_unix password change configuration
r73237 | Bug #42103: enhance pam_unix password change configuration
Comment 5 Florian Best univentionstaff 2016-10-14 14:09:02 CEST
univention-pam (9.0.0-8):
r73239 | Bug #42103: adjust pseudo tests
Comment 6 Stefan Gohmann univentionstaff 2016-10-19 11:20:08 CEST
Tests: OK, the new hashes are SHA 256

Code review: OK

Merge to 4.2: OK

YAML: OK