From nobody  Sun Oct  4 07:25:22 1998
Received: (from nobody@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA14220;
          Sun, 4 Oct 1998 07:25:22 -0700 (PDT)
          (envelope-from nobody)
Message-Id: <199810041425.HAA14220@hub.freebsd.org>
Date: Sun, 4 Oct 1998 07:25:22 -0700 (PDT)
From: thomas@x-berg.in-berlin.de
To: freebsd-gnats-submit@freebsd.org
Subject: freebsd 2.2.7 implementation of key(1) [stand-alone program for computing responses to S/Key challenges] differs from the latest of the authors S/KEY One-Time Password System (Version 1.1 11-01- imar.gz at thumper.bellcore.com [128.96.41.1]   DX-Send-Pr-Version: www-1.0

>Number:         8142
>Category:       bin
>Synopsis:       freebsd 2.2.7 implementation of key(1) [stand-alone program for computing responses to S/Key challenges] differs from the latest of the authors S/KEY One-Time Password System (Version 1.1 11-01- imar.gz at thumper.bellcore.com [128.96.4
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Oct  4 07:30:01 PDT 1998
>Closed-Date:    Thu Jul 13 06:48:29 PDT 2000
>Last-Modified:  Thu Jul 13 06:49:13 PDT 2000
>Originator:     thomas osterried
>Release:        FreeBSD 2.2.7
>Organization:
in-berlin e.v.
>Environment:
FreeBSD ratte.in-berlin.de 2.2.7-RELEASE FreeBSD 2.2.7-RELEASE #0: Thu Aug 13 21:17:55 CEST 1998     root@ratte.in-berlin.de:/usr/src/sys/compile/RATTE980808A  i386

>Description:
i was happy to find skey implemented on my FreeBSD 2.2.7-RELEASE system.
everything works fine except you want to generate a key on an other system.
in my case i wanted to run key (skey skey-1.1b.tar.gz from thumper.bellcore.com [128.96.41.1]   Directory: /pub/nmh)
compiled on my other maschine (a linux host) and could not login with the
generated key: it always differs.
i tried to compile skey-1.1b on my FreeBSD-2.2.7 maschine, and the generated key
is the same as the one on my linux maschine and it differs from the key from /usr/bin/key
on the (same) FreeBSD-2.2.7 maschine.

in other words: the key implementation on FreeBSD-2.2.7 is not compatible
anymore. it may be older (looking at the man page, FreeBSDs key program may be 2 years older (1991 instead of 1993 in the skey-1.1b implementation)
 
>How-To-Repeat:
get skey1.1b, compile it and verify the output of
./src/key 
and /usr/bin/key
using the same options and the same passoword.
it differs, and ./src/keys output grants no access.
>Fix:
well, hmm, lets have a look at the source.
there may have been a decision of the freebsd team in not upgrading.

>Release-Note:
>Audit-Trail:

From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
To: thomas@x-berg.in-berlin.de
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: bin/8142: freebsd 2.2.7 implementation of key(1)
Date: Sun, 4 Oct 1998 22:20:59 -0400 (EDT)

 <<On Sun, 4 Oct 1998 07:25:22 -0700 (PDT), thomas@x-berg.in-berlin.de said:
 
 >> Synopsis:       freebsd 2.2.7 implementation of key(1) [stand-alone [...]
 
 Please don't write jillion-character lines.
 
 FreeBSD uses the older, MD4-based S/Key mechanism.  Switching to MD5
 (or DES-MAC) would break every user's S/Key setup.  If you need MD5
 support (sounds like it), you will need to install it
 yourself.  (There's a define you can change in the source to use MD5
 instead of MD4.)
 
 -GAWollman
 
 --
 Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
 wollman@lcs.mit.edu  | O Siem / The fires of freedom 
 Opinions not those of| Dance in the burning flame
 MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick
State-Changed-From-To: open->closed 
State-Changed-By: nbm 
State-Changed-When: Thu Jul 13 06:48:29 PDT 2000 
State-Changed-Why:  
wollman gave an explanation on how to do MD5 instead 

http://www.freebsd.org/cgi/query-pr.cgi?pr=8142 
>Unformatted:
 
 
 
1.1]
 Directory: /pub/nmh
 
