Forum Discussion
Theor
Jul 25, 2013 (Aspirant)
PAM - Upgrading to SHA512 password hashes
Hi everyone,
I'm reviewing the security of my environment and I've noticed the ReadyNAS passwords are still stored as MD5 hashes in /etc/shadow. Even more puzzling is a maximum password size set to 8 characters in /etc/pam.d/common-password.
This makes the ReadyNAS quite vulnerable to offline brute-force attacks, as an MD5 hash of an 8-character password can be cracked in a mere 20 min using modern hardware (MD5 is not collision resistant). Also, my main CIFS share is encrypted through encFS and automatically mounted through libpam, so its resilience is important.
Upgrading to SHA512 or bcrypt significantly improves the hash strength, but it takes an upgrade to glibc 2.8 (from 2011), and then libpam should be compiled against it.
Can we expect a backport or a security update to RAIDiator to get proper password hashes in the near future? Or, as a workaround, has anyone succeeded in upgrading glibc and libpam (I don't want to take the risk)?
Thanks in advance!
9 Replies
- chirpa (Luminary): If your system isn't running ReadyNAS OS6, it is highly unlikely that upgrade would occur.
- Theor (Aspirant): Thanks Chirpa.
My system is a ReadyNAS Ultra Duo (x86_64); it could run RNOS6 at the cost of a factory reset, which is a no-go at this point. It also seems a little overkill to erase and upgrade the whole system just to have a newer release of libpam.
I will try to upgrade this myself using your RAIDiator OVA. I wish NetGear would release a security update though...
- StephenB (Guru - Experienced User): I suspect there might be others who would like to make this upgrade also. Maybe after you get it running you could post a step-by-step guide.
- Theor (Aspirant): Solved
Using SHA512 is tricky because it involves upgrading some critical parts of the system. Thankfully we can use bcrypt, a strong hash based on blowfish (stronger than SHA512 if your password/passphrase is shorter than 52 characters).
Here's the beginner-friendly step by step guide:
- First we'll create a temporary user to test our changes, in case something goes wrong:
    # adduser foo
  Answer Y everywhere and give a temporary password such as Password1234.
- Make sure the user has been added and note the hash:
    # cat /etc/shadow
  The entry must look like this (user:hash id (1 for MD5):salt:digest):
    foo:$1$HwBrp9DK$jXrwgOofbIHx3dMG/mAqD0:
- Okay, moving on. Enable the Etch repository:
    # nano /etc/apt/sources.list
  Uncomment the following line: #deb http://archive.debian.org/debian etch main
- Sync the local package DB with the repository:
    # apt-get update
- Install libpam-unix2, which provides the bcrypt password hashing:
    # apt-get install libpam-unix2
    After this operation, 307kB of additional disk space will be used.
    Do you want to continue [Y/n]? y
- Tell PAM to use libpam-unix2 for authentication. Let's do it everywhere with one command line:
    # perl -pi -w -e 's/pam_unix.so/pam_unix2.so/g;' /etc/pam.d/*
- Some more editing...
    # nano /etc/pam.d/common-auth
  Change nullok_secure to nullok.
    # nano /etc/pam.d/common-password
  Remove "max=8" and change md5 to blowfish:
    password required pam_unix2.so nullok obscure min=4 blowfish
  Do the same for /etc/pam.d/password (that's RAIDiator specific).
  Optionally, you can also remove the "max=8" from /etc/pam.d/login.
- Let's test the changes:
    # passwd foo
    Password1234
    Password1234
    # cat /etc/shadow | grep foo
  It should now use bcrypt (2a):
    foo:$2a$05$xenvd3mc6Lkt7/SGMfuz6.hW9Lg9IOkMvvplVWzuL5bfUH7jHfND2:
  (53-character hash composed of a 22-char salt and a 31-char blowfish encrypted output)
- We're never too sure, so let's make sure foo can log in:
    # logout
    $ ssh <NAS IP> -l foo
    Enter password:
- If everything's okay, you can now change every remaining password so they're all hashed with bcrypt. Check the result in /etc/shadow.
Upgrading your passwords from MD5 is highly recommended if you host sensitive data.
- chirpa (Luminary): Have you tested if this will survive a firmware upgrade?
- Theor (Aspirant): Just upgraded from 4.2.22 to 4.2.24: it didn't survive; regular accounts can't log in anymore. Thankfully I had created a password-less account for SSH in case it went wrong.
Still, this is very annoying... everything has to be reverted at every upgrade.
Can't Netgear just fix this and use bcrypt by default?
- chirpa (Luminary): They could, but priorities aren't on OS4 anymore. They are working on OS6 now, only for the new models.
- Theor (Aspirant): Any hope to upgrade to OS6 without wiping the data drive?
- StephenB (Guru - Experienced User):
  Theor wrote: Any hope to upgrade to OS6 without wiping the data drive?
  No - at least no one has managed that so far.
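As an added check for Theor's procedure and for the regression reported after the 4.2.24 upgrade (this is example code, not code from the thread): a POSIX shell script that classifies every shadow entry by its hash prefix, reports the bcrypt cost, counts accounts still on MD5 or with no password, and verifies that the pam.d password stanza still references pam_unix2.so with blowfish and without max=8. The sample shadow entries are constructed; the two hashes are the ones quoted in the guide, and the account names other than foo are made up.

```shell
#!/bin/sh
# Audit shadow password fields and the PAM password stanza after the
# pam_unix2/blowfish change. Prefixes: $1$ MD5, $2a$ bcrypt, $5$ SHA-256, $6$ SHA-512.

# Classify one shadow password field by its crypt(3) prefix.
hash_algo() {
    case "$1" in
        '')                      echo empty ;;   # passwordless account
        '!'*|'*'*)               echo locked ;;
        '$1$'*)                  echo md5 ;;
        '$2a$'*|'$2b$'*|'$2y$'*) echo bcrypt ;;
        '$5$'*)                  echo sha256 ;;
        '$6$'*)                  echo sha512 ;;
        *)                       echo unknown ;;
    esac
}

# bcrypt cost field (work factor 2^cost) from a $2a$NN$... hash.
bcrypt_cost() { printf '%s\n' "$1" | cut -d'$' -f3; }

# Read shadow lines from stdin; print "user algo [cost=NN]" per account.
audit_shadow() {
    while IFS=: read -r user pw _rest; do
        [ -z "$user" ] && continue
        algo=$(hash_algo "$pw")
        [ "$algo" = bcrypt ] && algo="bcrypt cost=$(bcrypt_cost "$pw")"
        echo "$user $algo"
    done
}

# Count accounts still on MD5, with no password, or in an unknown format.
count_weak() { audit_shadow | grep -c -E ' (md5|empty|unknown)'; }

# Stdin: a pam.d file. Succeeds only if an uncommented password line uses
# pam_unix2.so with blowfish and no max=8 (a firmware upgrade restores the old line).
pam_password_ok() {
    grep -v '^#' | grep '^password' | grep 'pam_unix2\.so' | grep blowfish | grep -qv 'max=8'
}

# Constructed sample entries; the two hashes are the ones quoted in the thread.
sample_shadow() {
cat <<'EOF'
root:$1$HwBrp9DK$jXrwgOofbIHx3dMG/mAqD0:15900:0:99999:7:::
foo:$2a$05$xenvd3mc6Lkt7/SGMfuz6.hW9Lg9IOkMvvplVWzuL5bfUH7jHfND2:15900:0:99999:7:::
sshfallback::15900:0:99999:7:::
backup:!:15900:0:99999:7:::
EOF
}
sample_shadow | audit_shadow
echo "weak accounts: $(sample_shadow | count_weak)"
```

On the NAS itself, replace sample_shadow with `cat /etc/shadow` and feed /etc/pam.d/common-password to pam_password_ok after each firmware update to see whether the change was reverted.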