FreeBSD-Current Random Number Generator Broken
First time accepted submitter bobo the hobo writes: The FreeBSD random number has been discovered to be generating possibly predictable SSH keys and SSL certificates for months. Time to regenerate your keys and certs if using FreeBSD-Current. A message to the freebsd-current mailing list reads in part: "If you are running a current kernel r273872 or later, please upgrade your kernel to r278907 or later immediately and regenerate keys. I discovered an issue where the new framework code was not calling randomdev_init_reader, which means that read_random(9) was not returning good random data. read_random(9) is used by arc4random(9) which is the primary method that arc4random(3) is seeded from."
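A check for the revision window quoted in the message above, as an added example that is not part of the submission or the mailing list post. The function names, the sample version string, and the use of a reference file's mtime as the time the fixed kernel was installed are assumptions.

```shell
#!/bin/sh
# Revision bounds quoted in the freebsd-current message.
FIRST_BAD=273872    # first affected kernel revision
FIRST_GOOD=278907   # first fixed kernel revision

# Constructed sample of a `uname -v` style string (not real host output).
SAMPLE_UNAME='FreeBSD 11.0-CURRENT #0 r275000: Thu Jan  1 00:00:00 UTC 2015 root@host:/usr/obj/usr/src/sys/GENERIC'

# Print the SVN revision number found in a version string, or nothing.
# A trailing "M" (locally modified tree) is tolerated.
kernel_rev() {
    printf '%s\n' "$1" |
        sed -n 's/.*[[:space:]]r\([0-9][0-9]*\)M\{0,1\}[:[:space:]].*/\1/p'
}

# Classify a version string: affected, not-affected, not-current, unknown.
# The message concerns -CURRENT kernels only, so other branches are not
# compared against the revision window.
kernel_status() {
    case $1 in
        *-CURRENT*) ;;
        *) echo not-current; return 0 ;;
    esac
    rev=$(kernel_rev "$1")
    if [ -z "$rev" ]; then
        echo unknown
    elif [ "$rev" -ge "$FIRST_BAD" ] && [ "$rev" -lt "$FIRST_GOOD" ]; then
        echo affected
    else
        echo not-affected
    fi
}

# List SSH host private keys under directory $1 that are not newer than
# reference file $2. Assumption: the mtime of $2 marks when the fixed
# kernel was installed. Keys that predate the affected kernel are listed
# too, so this over-reports rather than missing a weak key.
keys_to_regenerate() {
    find "$1" -type f -name 'ssh_host_*_key' ! -newer "$2" | sort
}
```

On a host, `kernel_status "$(uname -v)"` classifies the running kernel. Keys and certificates created by other software during the window are outside what `keys_to_regenerate` looks at.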
The -current is not a release — it is the trunk of the development tree. Using it for anything important — such as data, that may be worthwhile enough for your enemies to hack for — is silly. Far worse bugs may exist in -current — or be introduced at any point.
Stick to releases — or one of the -stable branches — for anything, that's not about working on FreeBSD itself.
No, you should be on -STABLE or at least RELENG_? if you only want security fixes. -RELEASE is just that, the release version, no updates.
The bug was in the unreleased FreeBSD-11 work-in-progress developer tree.
If you are running an actual release, or one of the stable branches, you are not affected.
The main cause for concern is if you are generating keys in some form on the developer tree.
Just don't use keys for remote ssh logins. I know, keys are supposed to be all that any more. But based on my experience fending off billions of script kiddy attempts from my home system, it appears they aren't worth the effort and may even be counterproductive.
I say this because my home server faces the world and allows anyone who wants to, to make an attempt to login via ssh on port 22. You may say this is completely insane, but my logs suggest it isn't that bad. The overwhelming majority of all attempts on my system attempt to come straight in as root. As everyone knows, you can very easily disable root login in your sshd.conf file which leaves the person on the other end completely incapable of knowing whether or not they ever got your root password right as the response is the same.
The end result is they make their 10,000+ attempts in a couple hours, then leave and never come back. They might take a few parting shots at other well known account names but they won't get in that way either.
No, and who mods this "Informative"?
Both -CURRENT and -STABLE are development branches.
-RELEASE is meant for production and of course gets supplied with security relevant fixes (then referred to as patchlevels).
But yes, please go on educating people about things you don't know jack about.