Source-Changes-HG archive


[src/trunk]: src/usr.sbin/sysinst Make default installations a bit more secure:



details:   https://anonhg.NetBSD.org/src/rev/a1487b75a27d
branches:  trunk
changeset: 365729:a1487b75a27d
user:      martin <martin%NetBSD.org@localhost>
date:      Thu Apr 21 17:30:15 2022 +0000

description:
Make default installations a bit more secure:
 - push a bit harder for setup of a root password
 - simplify/clarify manual entropy setup
 - visit the entropy setup (on machines where it is needed) on the
   default path through sysinst

diffstat:

 usr.sbin/sysinst/configmenu.c   |  10 +++++++++-
 usr.sbin/sysinst/defs.h         |   4 +++-
 usr.sbin/sysinst/install.c      |   6 +++++-
 usr.sbin/sysinst/msg.entropy.de |  32 ++++++++++++++++----------------
 usr.sbin/sysinst/msg.entropy.en |  25 +++++++++++++------------
 usr.sbin/sysinst/msg.entropy.es |  27 ++++++++++++++-------------
 usr.sbin/sysinst/msg.entropy.fr |  25 +++++++++++++------------
 usr.sbin/sysinst/msg.entropy.pl |  25 +++++++++++++------------
 usr.sbin/sysinst/msg.mi.de      |   9 ++++++++-
 usr.sbin/sysinst/msg.mi.en      |   8 +++++++-
 usr.sbin/sysinst/msg.mi.es      |   8 +++++++-
 usr.sbin/sysinst/msg.mi.fr      |   8 +++++++-
 usr.sbin/sysinst/msg.mi.pl      |   8 +++++++-
 usr.sbin/sysinst/run.c          |  11 ++++++++---
 usr.sbin/sysinst/upgrade.c      |  10 +++++++++-
 usr.sbin/sysinst/util.c         |  40 ++++++++++++----------------------------
 16 files changed, 151 insertions(+), 105 deletions(-)

diffs (truncated from 644 to 300 lines):

diff -r 28edddf0fd2c -r a1487b75a27d usr.sbin/sysinst/configmenu.c
--- a/usr.sbin/sysinst/configmenu.c     Thu Apr 21 12:06:31 2022 +0000
+++ b/usr.sbin/sysinst/configmenu.c     Thu Apr 21 17:30:15 2022 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: configmenu.c,v 1.14 2021/10/09 09:06:28 martin Exp $ */
+/* $NetBSD: configmenu.c,v 1.15 2022/04/21 17:30:15 martin Exp $ */
 
 /*-
  * Copyright (c) 2012 The NetBSD Foundation, Inc.
@@ -291,6 +291,14 @@
        return 0;
 }
 
+void
+root_pw_setup(void)
+{
+       msg_display(MSG_force_rootpw);
+       run_program(RUN_DISPLAY | RUN_PROGRESS | RUN_CHROOT | RUN_STDSCR,
+           "passwd -l root");
+}
+
 static int
 change_root_password(struct menudesc *menu, void *arg)
 {
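Review bot: `root_pw_setup()` discards the result of `run_program()`, so a `passwd` run that fails or is abandoned looks the same as one that set a password, and the `void` return gives the new call site in install.c nothing to act on. Assuming `run_program()` returns the child's exit status (its definition in run.c is not part of this truncated diff), consider `return run_program(RUN_DISPLAY | RUN_PROGRESS | RUN_CHROOT | RUN_STDSCR, "passwd -l root") == 0;` with the prototype in defs.h changed to `bool root_pw_setup(void);`, so the installer can repeat the prompt or record that root still has no password. A one-line comment would also help readers used to other systems: on NetBSD's passwd(1), `-l` selects the local password file, so something like `/* -l: update the local password file only; this does not lock the account */` avoids a misreading.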
diff -r 28edddf0fd2c -r a1487b75a27d usr.sbin/sysinst/defs.h
--- a/usr.sbin/sysinst/defs.h   Thu Apr 21 12:06:31 2022 +0000
+++ b/usr.sbin/sysinst/defs.h   Thu Apr 21 17:30:15 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: defs.h,v 1.80 2022/02/10 16:11:41 martin Exp $ */
+/*     $NetBSD: defs.h,v 1.81 2022/04/21 17:30:15 martin Exp $ */
 
 /*
  * Copyright 1997 Piermont Information Systems Inc.
@@ -108,6 +108,7 @@
 #define RUN_PROGRESS   0x0080          /* Output is just progess test */
 #define RUN_NO_CLEAR   0x0100          /* Leave program output after error */
 #define RUN_XFER_DIR   0x0200          /* cd to xfer_dir in child */
+#define        RUN_STDSCR      0x0400          /* run program in standard screen */
 
 /* for bsddisklabel.c */
 enum layout_type {
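Review bot: The comment on `RUN_STDSCR` is the only description of the new flag on this page, and it does not say how the flag interacts with `RUN_DISPLAY` and `RUN_PROGRESS`, which `root_pw_setup()` in configmenu.c passes alongside it. run.c, where the flag is interpreted, is cut off by the diff truncation, so the header comment should carry that information. For example `/* with RUN_DISPLAY: show the program on the standard screen, e.g. for the passwd prompt */`, adjusted to what run.c actually implements.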
@@ -1004,6 +1005,7 @@
 
 /* from configmenu.c */
 void   do_configmenu(struct install_partition_desc*);
+void   root_pw_setup(void);
 
 /* from checkrc.c */
 int    check_rcvar(const char *);
diff -r 28edddf0fd2c -r a1487b75a27d usr.sbin/sysinst/install.c
--- a/usr.sbin/sysinst/install.c        Thu Apr 21 12:06:31 2022 +0000
+++ b/usr.sbin/sysinst/install.c        Thu Apr 21 17:30:15 2022 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: install.c,v 1.22 2022/01/29 16:01:16 martin Exp $      */
+/*     $NetBSD: install.c,v 1.23 2022/04/21 17:30:15 martin Exp $      */
 
 /*
  * Copyright 1997 Piermont Information Systems Inc.
@@ -233,6 +233,10 @@
        if (md_post_extract(&install, false) != 0)
                goto error;
 
+       root_pw_setup();
+#if CHECK_ENTROPY
+       do_add_entropy();
+#endif
        do_configmenu(&install);
 
        sanity_check();
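Review bot: The two new calls carry no comment explaining why they run unconditionally before `do_configmenu()`, even though that menu appears to offer a root password entry already (`change_root_password` in configmenu.c). A short comment such as `/* default path: ask for a root password and, where needed, entropy before the optional configuration menu */` would record the intent stated in the commit message. Note also that `#if CHECK_ENTROPY` evaluates to 0 without any diagnostic if the macro is undefined for this file, which would drop the entropy step silently; where the macro is defined is not visible on this page. The enclosing function starts and ends outside the hunk.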
diff -r 28edddf0fd2c -r a1487b75a27d usr.sbin/sysinst/msg.entropy.de
--- a/usr.sbin/sysinst/msg.entropy.de   Thu Apr 21 12:06:31 2022 +0000
+++ b/usr.sbin/sysinst/msg.entropy.de   Thu Apr 21 17:30:15 2022 +0000
@@ -1,4 +1,4 @@
-/*      $NetBSD: msg.entropy.de,v 1.4 2021/10/11 17:23:28 rillig Exp $  */
+/*      $NetBSD: msg.entropy.de,v 1.5 2022/04/21 17:30:15 martin Exp $  */
 
 /*
  * Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,27 +28,29 @@
 
 message Configure_entropy      {Entropie konfigurieren}
 
-message continue_without_entropy       {Weiter ohne Entropie}
+message continue_without_entropy       {Jetzt nicht - weiter!}
 
 message not_enough_entropy
-{Dieses System scheint nicht über einen Pseudo-Zufallszahlengenerator
-zu verfügen. Für das Erzeugen von kryptografisch sicheren Schlüsseldateien
-(z.B. ssh host keys) ist nicht genug Entropie verfügbar. 
+{Dieses System verfügt momentan nicht über genug Entropie um kryptografisch
+starke Zufallszahlen zu generieren. 
  
-Am einfachsten generieren Sie Zufallsdaten auf einem anderen Computer
-und laden sie in dieser Installation. Alternativ können Sie auch
-manuell Zufallsdaten eingeben. 
+Falls Sie diese Installation produktiv verwenden möchten und z.B.
+ssh host keys generieren werden, empfehlen wir dringend die
+Entropie-Konfiguration zu vervollständigen! 
  
-Falls Sie einen USB-Zufallsgenerator besitzen, verbinden Sie diesen
+Sie können Zufallszahlen von einem anderen Computer verwenden oder
+manuell zufällige Zeichen eingeben. 
+ 
+Falls Sie einen USB-Zufallsgenerator haben, verbinden Sie diesen
 jetzt und wählen dann die Option "Erneut testen".}
 
-message entropy_add_manually           {Manuelle Zufallseingabe}
+message entropy_add_manually           {Zufallsdaten manuell eingeben}
 message entropy_download_raw           {Rohe binäre Zufallsdaten laden}
 message        entropy_download_seed           {NetBSD-Entropie-Datei laden}
 message entropy_retry                  {Erneut testen}
 
 message entropy_enter_manual1
-{Geben Sie bitte mehrere Zeilen zufällige Zeichen ein,
+{Geben Sie bitte zufällige Zeichen ein,
 in denen genug Entropie enthalten sein sollte, die 256 Münzwürfen,
 100 Würfen mit einem sechsseitigen Würfel oder 64 zufälligen hexadezimalen
 Zeichen entspricht.}
@@ -60,11 +62,9 @@
 verwenden:}
 
 message entropy_enter_manual3
-{Benutzen Sie nicht die gleiche Eingabe für mehrere Installationen. 
-Beenden Sie die Eingabe mit einer leeren Zeile.}
-
-message entropy_manual_not_enough
-{Sie haben nicht genug Zeichen eingegeben!}
+{Sie können eine Zeile mit beliebiger Länge eingeben. Wenn die
+Eingabe nicht mindestens 256 zufällige Bits enthält, ist
+das installierte System eventuell nicht sicher.}
 
 message entropy_select_file
 {Wählen Sie, auf welche Art Sie die Zufallsdaten auf diesen Computer
diff -r 28edddf0fd2c -r a1487b75a27d usr.sbin/sysinst/msg.entropy.en
--- a/usr.sbin/sysinst/msg.entropy.en   Thu Apr 21 12:06:31 2022 +0000
+++ b/usr.sbin/sysinst/msg.entropy.en   Thu Apr 21 17:30:15 2022 +0000
@@ -1,4 +1,4 @@
-/*      $NetBSD: msg.entropy.en,v 1.3 2021/10/08 15:59:55 martin Exp $  */
+/*      $NetBSD: msg.entropy.en,v 1.4 2022/04/21 17:30:15 martin Exp $  */
 
 /*
  * Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,26 +28,30 @@
 
 message Configure_entropy      {Set up entropy}
 
-message continue_without_entropy       {Continue without entropy}
+message continue_without_entropy       {Not now, continue!}
 
 message not_enough_entropy
 {This system seems to lack a cryptographically strong pseudo random
 number generator. There is not enough entropy available to create secure
 keys (e.g. ssh host keys). 
-
+ 
+If you plan to use this installation for production work and will
+for example have ssh host keys generated, we strongly advise to complete
+the entropy setup now! 
+ 
 You may use random data generated on another computer and load it
 here, or you could enter random characters manually. 
  
-If you own a USB random number device, connect it now and select
+If you have a USB random number device, connect it now and select
 the "Re-test" option.}
 
-message entropy_add_manually           {Manual input of random data}
+message entropy_add_manually           {Manually input random characters}
 message entropy_download_raw           {Load raw binary random data}
 message        entropy_download_seed           {Import a NetBSD entropy file}
 message entropy_retry                  {Re-test}
 
 message entropy_enter_manual1
-{Enter random characters.}
+{Enter one line of random characters.}
 
 message entropy_enter_manual2
 {They should contain at last 256 bits of randomness, as in 256 coin
@@ -57,11 +61,9 @@
 machine whose randomness you trust:}
 
 message entropy_enter_manual3
-{Do not use the same data for multiple installations. 
-Terminate the input with an empty line.}
-
-message entropy_manual_not_enough
-{You did not enter enough characters!}
+{A line of any length and content will be accepted and assumed to
+contain at least 256 bits of randomness.  If it actually contains
+less, the installed system may not be secure.}
 
 message entropy_select_file
 {Please select how you want to transfer the random data file
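Review bot: The new `entropy_enter_manual3` text drops the advice "Do not use the same data for multiple installations", yet the replacement says a line of any length is accepted and assumed to hold 256 bits, which makes reusing one string across machines more harmful rather than less. Consider keeping that sentence as the first line of the message, i.e. `{Do not use the same data for multiple installations.` followed by the new wording. The same sentence is removed in the msg.entropy.de and msg.entropy.es hunks. The util.c change that goes with the removal of `entropy_manual_not_enough` lies beyond the 300-line truncation, so whether any minimum input length is still enforced cannot be confirmed from this page.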
@@ -125,4 +127,3 @@
 message entropy_localfs
 {Enter the unmounted local device and directory on that device where
 the random data is located.}
-
diff -r 28edddf0fd2c -r a1487b75a27d usr.sbin/sysinst/msg.entropy.es
--- a/usr.sbin/sysinst/msg.entropy.es   Thu Apr 21 12:06:31 2022 +0000
+++ b/usr.sbin/sysinst/msg.entropy.es   Thu Apr 21 17:30:15 2022 +0000
@@ -1,4 +1,4 @@
-/*      $NetBSD: msg.entropy.es,v 1.4 2021/10/08 22:07:11 nia Exp $  */
+/*      $NetBSD: msg.entropy.es,v 1.5 2022/04/21 17:30:15 martin Exp $  */
 
 /*
  * Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,26 +28,30 @@
 
 message Configure_entropy      {Set up entropy}
 
-message continue_without_entropy       {Continue without entropy}
+message continue_without_entropy       {Not now, continue!}
 
 message not_enough_entropy
 {This system seems to lack a cryptographically strong pseudo random
 number generator. There is not enough entropy available to create secure
 keys (e.g. ssh host keys). 
-
+ 
+If you plan to use this installation for production work and will
+for example have ssh host keys generated, we strongly advise to complete
+the entropy setup now! 
+ 
 You may use random data generated on another computer and load it
 here, or you could enter random characters manually. 
  
-If you own a USB random number device, connect it now and select
+If you have a USB random number device, connect it now and select
 the "Re-test" option.}
 
-message entropy_add_manually           {Manual input of random data}
+message entropy_add_manually           {Manually input random characters}
 message entropy_download_raw           {Load raw binary random data}
 message        entropy_download_seed           {Import a NetBSD entropy file}
 message entropy_retry                  {Re-test}
 
 message entropy_enter_manual1
-{Enter random characters.}
+{Enter one line of random characters.}
 
 message entropy_enter_manual2
 {They should contain at last 256 bits of randomness, as in 256 coin
@@ -57,11 +61,9 @@
 machine whose randomness you trust:}
 
 message entropy_enter_manual3
-{Do not use the same data for multiple installations. 
-Terminate the input with an empty line.}
-
-message entropy_manual_not_enough
-{You did not enter enough characters!}
+{A line of any length and content will be accepted and assumed to
+contain at least 256 bits of randomness.  If it actually contains
+less, the installed system may not be secure.}
 
 message entropy_select_file
 {Please select how you want to transfer the random data file
@@ -80,7 +82,7 @@
 {Load from a NFS share}
 
 message entropy_add_local
-{Laod from a local file system (e.g. a USB device)}
+{Load from a local file system (e.g. a USB device)}
 
 message entropy_file
 {Path/file}
@@ -125,4 +127,3 @@
 message entropy_localfs
 {Enter the unmounted local device and directory on that device where
 the random data is located.}
-
diff -r 28edddf0fd2c -r a1487b75a27d usr.sbin/sysinst/msg.entropy.fr
--- a/usr.sbin/sysinst/msg.entropy.fr   Thu Apr 21 12:06:31 2022 +0000
+++ b/usr.sbin/sysinst/msg.entropy.fr   Thu Apr 21 17:30:15 2022 +0000
@@ -1,4 +1,4 @@
-/*      $NetBSD: msg.entropy.fr,v 1.4 2021/10/08 22:07:11 nia Exp $  */
+/*      $NetBSD: msg.entropy.fr,v 1.5 2022/04/21 17:30:15 martin Exp $  */
 
 /*
  * Copyright (c) 2020 The NetBSD Foundation, Inc.
@@ -28,26 +28,30 @@
 
 message Configure_entropy      {Set up entropy}
 
-message continue_without_entropy       {Continue without entropy}
+message continue_without_entropy       {Not now, continue!}
 
 message not_enough_entropy
 {This system seems to lack a cryptographically strong pseudo random
 number generator. There is not enough entropy available to create secure
 keys (e.g. ssh host keys). 
-
+ 
+If you plan to use this installation for production work and will
+for example have ssh host keys generated, we strongly advise to complete
+the entropy setup now! 
+ 
 You may use random data generated on another computer and load it
 here, or you could enter random characters manually. 


