View Issue Details

IDProjectCategoryView StatusLast Update
0001924unrealircdpublic2007-05-19 21:08
ReportersyzopAssigned Toaquanight 
PrioritynormalSeverityfeatureReproducibilityalways
Status resolvedResolutionfixed 
Product Version 
Target VersionFixed in Version3.3-alpha0 
Summary0001924: cloak key generator, like './unreal gen-cloak'
Description(feature request by DarkAngel)
probably a good idea to let the thing generate 3 random a-z/A-Z/0-9 keys of 15-20 chars in length... Guaranteed to be properly random then (if done ok), since humans are usually a bit less random ;p.

Perhaps one for passwords too? Who knows.

Those are just ideas, but I can see the usefulness:)
TagsNo tags attached.
3rd party modules

Activities

codemastr

2004-07-06 18:08

reporter   ~0006899

Well, I had considered something like this a long time ago when we had our makeconf stuff. The reason I never did was, people might get the idea that you do not need to have the same cloak keys on all servers and would instead generate their own cloak keys for each server.

syzop

2004-07-06 18:12

administrator   ~0006901

Yeah, I think it's a good idea to print out a nice warning about that too :).

aquanight

2007-04-28 21:49

reporter   ~0013919

Bump.

Is this still needed/wanted? Personally, I've found that doing mkpasswd with a few simple keywords makes some good keys.

Stealth

2007-04-29 01:01

reporter   ~0013921

Perhaps ./unreal gen-cloak <something here>

The something here part can be a word or phrase, and the script runs a mkpasswd on whatever text is there and outputs keys from that (like WEP keys)

syzop

2007-05-08 13:47

administrator   ~0014053

I'd like something without user input, because.. users are most of the time not random enough at entering something.

aquanight

2007-05-09 21:29

reporter   ~0014065

True. How random do we want though? Is it enough to, say, psuedorandom up a handful of bytes, pass them through auth.c::mkpass_md5() or something? Or do we want cryptographic secure (read off some stuff from /dev/random, for example)? Or what?

I'd say psuedorandom a good-sized string (60~80 bytes should be more than enough), hash (or don't and just base64encode), repeat. More than enough for good keys. Probability of generating illegal keys (due to duplicating) is pretty much nothing to worry about.

tabrisnet

2007-05-09 22:54

reporter   ~0014068

Last edited: 2007-05-10 10:22

I've got a perl script to make random alphanumeric passwords. Admittedly it is quite similar to the expect script, but it should be more secure (the mkpasswd expect script has known security issues regarding its randomness)
http://svn.tabris.net/repos/mkpass/trunk/mkpass.pl
Added the option to return multiple passes, like this:
./mkpass.pl -l 25 -c 3

Bricker

2007-05-09 23:52

reporter   ~0014071

I like it, i dont trust always users making their own randomness. humans are prone to repetitiveness. good idea to have i think

tabrisnet

2007-05-18 18:23

reporter   ~0014171

Any reason this has to be 3.3, and not 3.2? especially if the fix to do it is trivial (esp with the code already provided to solve the problem) ?

aquanight

2007-05-19 15:44

reporter   ~0014183

This is going in 3.3 because that's where new stuff goes first :P .

Depending on how big a thing it turns into, it might or might not go into 3.2.

aquanight

2007-05-19 21:08

reporter   ~0014187

Added in devel branch, .2410 :

1.1.1.1.2.1.2.1.2.2410 (aquanigh 20-May-07): - 0001924 - requested by syzop: Added ./unreal gencloak, which generates
1.1.1.1.2.1.2.1.2.2410 (aquanigh 20-May-07): random keys 10 ~ 20 characters in length (doesn't (yet) work for Win32).
1.1.1.1.2.1.2.1.2.2410 (aquanigh 20-May-07): - Misc fix for disabling extban chains, should've done stuff in our autoconf
1.1.1.1.2.1.2.1.2.2410 (aquanigh 20-May-07): stuff instead of hacking configure directly :P .

Issue History

Date Modified Username Field Change
2004-07-06 17:52 syzop New Issue
2004-07-06 18:08 codemastr Note Added: 0006899
2004-07-06 18:12 syzop Note Added: 0006901
2007-04-27 02:39 stskeeps Status new => acknowledged
2007-04-27 02:39 stskeeps View Status private => public
2007-04-28 21:49 aquanight Note Added: 0013919
2007-04-29 01:01 Stealth Note Added: 0013921
2007-05-08 13:47 syzop Note Added: 0014053
2007-05-09 21:29 aquanight Note Added: 0014065
2007-05-09 22:54 tabrisnet Note Added: 0014068
2007-05-09 23:52 Bricker Note Added: 0014071
2007-05-10 10:22 tabrisnet Note Edited: 0014068
2007-05-18 18:23 tabrisnet Note Added: 0014171
2007-05-19 15:44 aquanight Note Added: 0014183
2007-05-19 15:44 aquanight Assigned To => aquanight
2007-05-19 15:44 aquanight Status acknowledged => assigned
2007-05-19 21:08 aquanight Note Added: 0014187
2007-05-19 21:08 aquanight Status assigned => resolved
2007-05-19 21:08 aquanight Resolution open => fixed
2007-05-19 21:08 aquanight Fixed in Version => 3.3-alpha0