From Fedora Project Wiki

(pam_pkcs11 analyzed.)
(→‎Configuration: Add openssh)
 
(8 intermediate revisions by the same user not shown)
Line 16: Line 16:
<li>GSS-API v1 hard-codes MD5, would need v2 (RFC4121).
<li>GSS-API v1 hard-codes MD5, would need v2 (RFC4121).
<li>pkinit hard-codes SHA-1<br>preauth "SAM" hard-codes MD5.
<li>pkinit hard-codes SHA-1<br>preauth "SAM" hard-codes MD5.
</ul><hr><ul>
</ul>
(Both are tracked in #490909.)
<hr><ul>
<li>pbkdf2 hard-codes HMAC-SHA1.
<li>pbkdf2 hard-codes HMAC-SHA1.
</ul>
</ul>
Line 23: Line 25:
<li>sunrpc auth_gss krb5 uses GSS-API v1, hard-codes DES_MAC_MD5 (GSS-API v2 would be necessary for stronger hashes).
<li>sunrpc auth_gss krb5 uses GSS-API v1, hard-codes DES_MAC_MD5 (GSS-API v2 would be necessary for stronger hashes).
<li>sunrpc auth_gss spkm3 hard-codes HMAC-MD5 (HMAC-SHA1 is not requried by RFC2847).
<li>sunrpc auth_gss spkm3 hard-codes HMAC-MD5 (HMAC-SHA1 is not requried by RFC2847).
</ul>
(Both are tracked in #490916.)
<ul>
<li>ecryptfs uses MD5 to generate IVs for block encryption.
<li>ecryptfs uses MD5 to generate IVs for block encryption.
<li>ecryptfs supports only MD5 in string-to-key algorithm for PGP private key handling.
<li>ecryptfs supports only MD5 in string-to-key algorithm for PGP private key handling.
</ul><hr><ul>
</ul>
(Both are tracked in #490918.)
<hr><ul>
<li>sctp cookie used when opening a connection uses a HMAC, kernel is configured to use a MD5 HMAC (#485933).
<li>sctp cookie used when opening a connection uses a HMAC, kernel is configured to use a MD5 HMAC (#485933).
<li>reiserfs, ext3, ext4 hashed directories use various hashes, collisions are handled.
<li>reiserfs, ext3, ext4 hashed directories use various hashes, collisions are handled.
Line 52: Line 59:
|-
|-
| pam_ccreds || Pam module to cache login credentials || Uses SHA1(known data, password) to store passwords (#487306).
| pam_ccreds || Pam module to cache login credentials || Uses SHA1(known data, password) to store passwords (#487306).
|-
| pam_smb || A Pluggable Authentication Module (PAM) for use with SMB servers. ||
|-
| rpm || The RPM package management system ||
|-
| yp-tools || NIS (or YP) client programs. ||
|-
| yum || RPM installer/updater ||
|-
| cryptsetup-luks || A utility for setting up encrypted filesystems ||
|-
|-
| db4 || The Berkeley DB database library (version 4) for C ||
| db4 || The Berkeley DB database library (version 4) for C ||
Line 80: Line 77:
|-
|-
| sysvinit || Programs which control basic system processes ||
| sysvinit || Programs which control basic system processes ||
|-
| udev || A userspace implementation of devfs ||<ul><li>MD5 is used only for generation of UUID of the macitosh file system HFS.</ul>
|-
|-
| gnupg2 || Utility for secure communication and data storage ||
| gnupg2 || Utility for secure communication and data storage ||
Line 704: Line 699:


<tt>pam_unix</tt> uses DES to encrypt passwords by default.  Add the <tt>sha256</tt> or the <tt>sha512</tt> option to use SHA-2.  (This already the default in Fedora.)
<tt>pam_unix</tt> uses DES to encrypt passwords by default.  Add the <tt>sha256</tt> or the <tt>sha512</tt> option to use SHA-2.  (This already the default in Fedora.)
=== openssh ===
To use a SHA-1 HMAC with <tt>ssh</tt> and related programs, define the <code>MACs=hmac-sha1</code> option on the command line or in your configuration file.
=== rpm ===
To use SHA-256 in file digests, define the following RPM macros:
_source_filedigest_algorithm 8
_binary_filedigest_algorithm 8
(or just install <tt>redhat-rpm-config</tt>)
To use SHA-256 in PGP signatures, use an RSA key (at least 2048 bits recommended, otherwise the signature would be significantly weaker than the hash), and define the following RPM macro when signing the packages:
__gpg_sign_cmd %{__gpg} gpg --force-v3-sigs --digest-algo sha256 --batch --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u "%{_gpg_name}" -sbo %{__signature_filename} %{__plaintext_filename}
=== crytpsetup-luks ===
<tt>cryptsetup create</tt> uses RIPEMD160 by default when generating an encryption key.  To use SHA-2, use the <tt>-h sha256</tt> option.


== Done ==
== Done ==
Line 745: Line 759:
<li>digest_mapper indexes certificates using a digest, using any algorithm supported by the crypto library.
<li>digest_mapper indexes certificates using a digest, using any algorithm supported by the crypto library.
</ul>
</ul>
|-
| pam_smb || A Pluggable Authentication Module (PAM) for use with SMB servers. || Uses MD4 and DES as part of SMB authentication.
|-
| rpm || The RPM package management system || <ul>
<li>Already supports SHA-256 for RPMTAG_FILEDIGESTS.
<li>Already supports SHA-256 in public key signatures (RSA v3 signatures only).
<li>User interface for file digests often says "md5" (#487597).
<li>Some tags hard-code hash types: <tt>RPMSIGTAG_MD5</tt>, <tt>RPMSIGTAG_SHA1</tt>, <tt>RPMSIGTAG_DSA</tt> (hard-coded SHA-1).
<li>Public key fingerprint computation uses SHA-1.
</ul>
|-
| yum || RPM installer/updater || <ul>
<li>Computes MD5, SHA-1 and SHA-256 hashes of repomd.xml to be verified against metalink data.
<li>Verifies hashes of repodata files, and of downloaded packages, using hashes specified in the repodata.
<li>Uses MD5 and SHA-1 to compute PGP key fingerprints.
<li>Verifies installed files using the hash specified in FILEDIGESTALGO.
</ul>
|-
| udev || A userspace implementation of devfs || <ul>
<li>MD5 is used for generation of UUID of the macitosh file system HFS.
<li>USE_MAKEDEV_CACHE uses MD5 of a makedev.d file to generate a processed version, without any collision checking; could be exploited only by system administrator.
</ul>
|-
| cryptsetup-luks || A utility for setting up encrypted filesystems || <ul>
<li><tt>cryptsetup create</tt> uses ripemd160 by default for key generation from passwords (see [[#cryptsetup-luks]] for configuration).
<li>Uses HMAC_SHA1 in PBKDF2 key derivation.
<li>Uses SHA1 to generate a random value to XOR data with.
</ul>
|-
| yp-tools || NIS (or YP) client programs. || yppasswd replaced SHA-2 hashes with a DES hash (#487607).
|}
|}

Latest revision as of 15:01, 14 April 2009

Notes

This page currently tracks the migration status of selected packages to SHA-256 as part of the StrongerHashes feature.

To Do

These packages use or refer to hashes from which we should migrate away. Being on this list does not yet mean the package will have to change: another manual check is necessary. You can see the known hash uses at http://people.redhat.com/mitr/hashes/found-hashes .

Necessary for system integrity

Package Description Notes
krb5 The Kerberos network authentication system.
  • See #krb5 for configuration.
  • GSS-API v1 hard-codes MD5, would need v2 (RFC4121).
  • pkinit hard-codes SHA-1
    preauth "SAM" hard-codes MD5.

(Both are tracked in #490909.)


  • pbkdf2 hard-codes HMAC-SHA1.
kernel The Linux kernel
  • sunrpc auth_gss krb5 uses GSS-API v1, hard-codes DES_MAC_MD5 (GSS-API v2 would be necessary for stronger hashes).
  • sunrpc auth_gss spkm3 hard-codes HMAC-MD5 (HMAC-SHA1 is not requried by RFC2847).

(Both are tracked in #490916.)

  • ecryptfs uses MD5 to generate IVs for block encryption.
  • ecryptfs supports only MD5 in string-to-key algorithm for PGP private key handling.

(Both are tracked in #490918.)


  • sctp cookie used when opening a connection uses a HMAC, kernel is configured to use a MD5 HMAC (#485933).
  • reiserfs, ext3, ext4 hashed directories use various hashes, collisions are handled.
  • sctp packet authentication uses a SHA-1 or SHA-256 HMAC.
  • TCPOPT_MD5SIG (RFC2385) uses MD5 of a packet and a shared key; there's no space for a larger hash in the header, and if changes are made, IPSec can be used instead.
  • TCP syncookies are generated using a SHA-1 block transform, probably limited more by output size than the hash.
  • IPSec digest supports SHA-1 and SHA-256 HMAC.
  • modversions use MD4 to compute MODULE_INFO(srcversion): not intended to use as a cryptographic proof - anyone can simply overwrite the field in the compiled module.
  • CIFS uses MD4 and MD5 for authentication (NTLM, NTLMv2), MD5 for packet signatures, MD5 in (unimplemented) MacOS symlinks.
  • PPP MPPE uses SHA-1 (RFC3078, RFC3079).
  • random.c uses SHA-1 for generating random numbers.
  • random.c uses MD4 for generating IP IDs, TCP ISNs and similar numbers (based on a periodically changing secret).
  • drivers/staging/rt28{6,7}0 use MD5 and SHA-1 HMAC in various wireless protocol implementations.
  • jbd2 has a checksum field and defines MD5 and SHA-1 identifiers, but only implements CRC32.
  • nfsd differentiates between different clients using cl_recdir, a MD5 of the client's real client id, and does not handle collisions, but any DoS that can be created by generating collision can be just as easily created by duplicating the real client id directly.
pam An extensible library which provides authentication for applications
  • pam_unix uses MD5 to store passwords in opasswd (#487298).
  • pam_namespace may use MD5 of user name or SELinux context in a directory name (#487302).

  • pam_unix password verification handles MD5 inside the module, uses crypt() for others.
  • pam_unix uses MD5 to generate a random salt.
  • pam_timestamp uses SHA-1 HMAC to authenticate timestamp files.
pam_ccreds Pam module to cache login credentials Uses SHA1(known data, password) to store passwords (#487306).
db4 The Berkeley DB database library (version 4) for C
e2fsprogs Utilities for managing the second and third extended (ext2/ext3) filesystems
grub Grand Unified Boot Loader
initscripts The inittab file and the /etc/init.d scripts
iptables Tools for managing Linux kernel packet filtering capabilities
mdadm The mdadm program controls Linux md devices (software RAID arrays)
module-init-tools Kernel module management utilities.
policycoreutils SELinux policy core utilities
sysvinit Programs which control basic system processes
gnupg2 Utility for secure communication and data storage
rsyslog Enhanced system logging and kernel message trapping daemons
esc Enterprise Security Client Smart Card Client
gdm The GNOME Display Manager
xorg-x11-server X.Org X11 X server
anaconda Graphical system installer
booty simple python bootloader config lib
cluster Red Hat Cluster
clustermon Monitoring and management of Red Hat Enterprise Linux Cluster Suite
createrepo Creates a common metadata repository
crypto-utils SSL certificate and key management utilities
ecryptfs-utils The eCryptfs mount helper and support libraries
gnome-keyring Framework for managing passwords and other secrets
kexec-tools The kexec/kdump userspace component.
PackageKit Package management service
trousers TCG's Software Stack v1.2

Servers

Package Description Notes
bind The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
cups Common Unix Printing System
cvs A version control system
cyrus-sasl The Cyrus SASL library
dhcp Dynamic host configuration protocol software
gnutls A TLS protocol implementation
ipsec-tools Tools for configuring and using IPSEC
libgcrypt A general-purpose cryptography library
m2crypto Support for using OpenSSL in python scripts
nc Reads and writes data across network connections using TCP or UDP
nfs-utils NFS utilities and supporting clients and daemons for the kernel NFS server
nss Network Security Services
openldap LDAP support libraries
openssh An open source implementation of SSH protocol versions 1 and 2
openssl A general purpose cryptography library with TLS implementation
postfix Postfix Mail Transport Agent
ppp The PPP (Point-to-Point Protocol) daemon.
rsync A program for synchronizing files over a network
stunnel An SSL-encrypting socket wrapper
apr Apache Portable Runtime library
apr-util Apache Portable Runtime Utility library
authd A RFC 1413 ident protocol daemon
axis A SOAP implementation in Java
dovecot Dovecot Secure imap server
exim The exim mail transfer agent
freeipmi IPMI remote console and system management software
freeradius High-performance and highly configurable free RADIUS server
gnome-user-share Gnome user file sharing
htdig ht://Dig - Web search engine
httpd Apache HTTP Server
jetty The Jetty Webserver and Servlet Container
libntlm NTLM authentication library
mailman Mailing list manager with built in Web access
mod_auth_mysql Basic authentication for the Apache web server using a MySQL database
mod_auth_pgsql Basic authentication for the Apache HTTP Server using a PostgreSQL database
ntp The NTP daemon and utilities
openswan Openswan IPSEC implementation
postgresql PostgreSQL client programs and libraries
  • MD5 is used to save encrypted passwords (SQL: ALTER USER ... WITH ENCRYPTED PASSWORD ...).
  • MD5 is also used for client autentization.
  • Username is used as the salt for the hash, there are no stronger methods to store password or autenticate.
samba The Samba Suite of programs
scsi-target-utils The SCSI target daemon and utility programs
sendmail A widely used Mail Transport Agent (MTA)
squid The Squid proxy caching server
squirrelmail SquirrelMail webmail client
struts Web application framework
subversion Modern Version Control System designed to replace CVS
tomcat5 Apache Servlet/JSP Engine, RI for Servlet 2.4/JSP 2.0 API
mod_perl An embedded Perl interpreter for the Apache HTTP Server
mod_python An embedded Python interpreter for the Apache HTTP Server

Untrusted data handling

Package Description Notes
curl A utility for getting files from remote servers (FTP, HTTP, and others)
elinks A text-mode Web browser
ghostscript A PostScript(TM) interpreter and renderer.
lftp A sophisticated file transfer program
mailx Enhanced implementation of the mailx command
net-snmp A collection of SNMP protocol tools and libraries
NetworkManager Network connection manager and user applications
python-urlgrabber A high-level cross-protocol url-grabber
rp-pppoe A PPP over Ethernet client (for xDSL support).
sos A set of tools to gather troubleshooting information from a system
tcpdump A network traffic monitoring tool
telnet The client program for the telnet remote login protocol.
wget A utility for retrieving files using the HTTP or FTP protocols
wpa_supplicant WPA/WPA2/IEEE 802.1X Supplicant
binutils A GNU collection of binary utilities
elfutils A collection of utilities and DSOs to handle compiled objects
fontconfig Font configuration and customization library
gcc Various compilers (C, C++, Objective-C, Java, ...)
glib2 A library of handy utility functions
ksh The Original ATT Korn Shell
man A set of documentation tools: man, apropos and whatis
OpenIPMI IPMI (Intelligent Platform Management Interface) library and tools
perl Practical Extraction and Report Language
perl-Digest-HMAC Digest-HMAC Perl module
perl-Digest-SHA1 Digest-SHA1 Perl module
prelink An ELF prelinking utility
python An interpreted, interactive, object-oriented programming language
python-sqlite2 DB-API 2.0 interface for SQLite 3.x
rhpl Library of Python code used by installation and configuration tools
sqlite Library that implements an embeddable SQL database engine
system-config-network The GUI of the Network Adminstration Tool
util-linux-ng A collection of basic system utilities
cadaver Command-line WebDAV client
clucene A C++ port of Lucene
dirmngr Client for Managing/Downloading CRLs
empathy Instant Messaging Client for GNOME
evolution Mail and calendar client for GNOME
evolution-data-server Backend data server for Evolution
firefox Mozilla Firefox Web browser
flac An encoder/decoder for the Free Lossless Audio Codec
gftp A multi-threaded FTP client for the X Window System
gnome-pilot-conduits Additional conduits for gnome-pilot
gpgme GnuPG Made Easy - high level crypto API
gstreamer-plugins-base GStreamer streaming media framework base plug-ins
gstreamer-plugins-good GStreamer plug-ins with good code and licensing
gvfs Backends for the gio framework in GLib
iscsi-initiator-utils iSCSI daemon and utility programs
jakarta-commons-httpclient Jakarta Commons HTTPClient implements the client side of HTTP standards
jpilot Jpilot pilot desktop software
jsch Pure Java implementation of SSH2
jss Java Security Services (JSS)
libdvdread A library for reading DVD video discs based on Ogle code
libgadu A Gadu-gadu protocol compatible communications library
libggz Library for client-server games
libgpod Library to access the contents of an iPod
libksba X.509 library
libmsn Library for connecting to the MSN Messenger service
libmusicbrainz Library for accessing MusicBrainz servers
libotr Off-The-Record Messaging library and toolkit
libprelude The prelude library
libsilc SILC Client Library
libsoup Soup, an HTTP library implementation
libssh2 A library implementing the SSH2 protocol
lucene High-performance, full-featured text search engine
mrtg Multi Router Traffic Grapher
mutt A text mode mail user agent
mysql MySQL client programs and shared libraries
neon An HTTP and WebDAV client library
nmap Network exploration tool and security scanner
openoffice.org OpenOffice.org comprehensive office suite.
perl-Net-DNS DNS resolver modules for Perl
perl-Net-SNMP Object oriented interface to SNMP
pidgin A Gtk+ based multiprotocol instant messaging client
pilot-link File transfer utilities between Linux and PalmPilots
poppler PDF rendering library
postgresql-jdbc JDBC driver for PostgreSQL
postgresql-odbc PostgreSQL ODBC driver
pygpgme Python module for working with OpenPGP messages
python-ldap An object-oriented API to access LDAP directory servers
rdesktop X client for remote desktop into Windows Terminal Server
rhythmbox Music Management Application
spamassassin Spam filter for email which can be invoked from mail delivery agents
spambayes Bayesian anti-spam filter
strigi A desktop search program for KDE
thunderbird Mozilla Thunderbird mail/newsgroup client
totem Movie player for GNOME
wavpack A completely open audiocodec
WebKit Web content engine library
wireshark Network traffic analyzer
xine-lib A multimedia engine
xmlsec1 Library providing support for ""XML Signature"" and ""XML Encryption"" standards
xulrunner XUL Runtime for Gecko Applications

General

Package Description Notes
ant Ant build tool for java
arts aRts (analog realtime synthesizer) - the KDE sound system
boost The Boost C++ Libraries
bug-buddy Crash reporting utility for the GNOME desktop
cdrkit A collection of CD/DVD utilities
classpathx-mail GNU JavaMail(tm)
cmake Cross-platform make system
corosync The Corosync Cluster Engine and Application Programming Interfaces
doxygen A documentation system for C/C++.
eclipse An open, extensible IDE
eet Library for speedy data storage, retrieval, and compression
emacs GNU Emacs text editor
exempi Library for easy parsing of XMP metadata
exiv2 Exif and Iptc metadata manipulation library
fftw Fast Fourier Transform library
gdb A GNU source-level debugger for C, C++, Java and other languages
gedit Text editor for the GNOME desktop
geronimo-specs Geronimo J2EE server J2EE specifications
gimp GNU Image Manipulation Program
glibmm24 C++ interface for GTK2 (a GUI library for X)
gnome-desktop Package containing code shared among gnome-panel, gnome-session, nautilus, etc
gnome-doc-utils Documentation utilities for GNOME
gnome-python2 The sources for the PyGNOME Python extension module
gnome-terminal Terminal emulator for GNOME
google-gadgets Google Gadgets for Linux
gutenprint Printer Drivers Package.
hplip HP Linux Imaging and Printing Project
hsqldb Hsqldb Database Engine
ImageMagick An X application for displaying and manipulating images
imsettings Delivery framework for general Input Method configuration
ipmitool Utility for IPMI control
ipv6calc IPv6 address format change and calculation utility
isomd5sum Utilities for working with md5sum implanted in ISO images
jack-audio-connection-kit The Jack Audio Connection Kit
jakarta-commons-codec Implementations of common encoders and decoders
jakarta-commons-net Internet protocol suite Java library
java-1.6.0-openjdk OpenJDK Runtime Environment
javacc A parser/scanner generator for java
k3b CD/DVD burning application for KDE
kdeadmin K Desktop Environment - Administrative tools
kdebase-runtime K Desktop Environment - Runtime
kdebase-workspace K Desktop Environment - Workspace
kdebindings KDE bindings to non-C++ languages
kdegames K Desktop Environment 4 - Games
kdegames3 K Desktop Environment 3 - Games not ported to KDE 4
kdegraphics K Desktop Environment - Graphics Applications
kdelibs K Desktop Environment 4 - Libraries
kdelibs3 K Desktop Environment 3 - Libraries
kdemultimedia K Desktop Environment - Multimedia applications
kdenetwork K Desktop Environment - Network Applications
kdepim PIM (Personal Information Manager) applications
kdepimlibs K Desktop Environment 4 - PIM Libraries
kdesdk The KDE Software Development Kit (SDK)
kdeutils K Desktop Environment - Utilities
kdewebdev Web development applications
libdiscid A Library for creating MusicBrainz DiscIDs
libfprint Tool kit for fingerprint scanner
libgnomeui GNOME base GUI library
libical Reference implementation of the iCalendar data type and serialization format
liboil Library of Optimized Inner Loops, CPU optimized functions
libwvstreams WvStreams is a network programming library written in C++
libxslt Library providing the Gnome XSLT engine
mc User-friendly text console file manager and visual shell
mhash Thread-safe hash algorithms library
mx A collection of Python software tools
mx4j Open source implementation of JMX Java API
netbeans-platform8 NetBeans Platform 8
ntfsprogs NTFS filesystem libraries and utilities
objectweb-asm A code manipulation tool to implement adaptable systems
opal Open Phone Abstraction Library
openhpi Hardware Platform Interface library and tools
pakchois A wrapper library for PKCS#11
perl-Crypt-DES Perl DES encryption module
perl-libwww-perl A Perl interface to the World-Wide Web
perl-Net-SSLeay Perl extension for using OpenSSL
perl-Tk Perl Graphical User Interface ToolKit
php PHP scripting language for creating dynamic web sites
php-pear PHP Extension and Application Repository framework
ptlib Portable Tools Library
PyQt4 Python bindings for Qt4
Pyrex A compiler/language for writing Python extension modules
python-docs Documentation for the Python programming language.
python-reportlab Python PDF generation library
python-setuptools Easily build and distribute Python packages
python-virtinst Python modules and utilities for installing virtual machines
PyXML XML libraries for python
qca-ossl OpenSSL plugin for the Qt Cryptographic Architecture v2
qca2 Qt Cryptographic Architecture
qt Qt toolkit
qt3 The shared library for the Qt 3 GUI toolkit
quagga Routing daemon
redland RDF Application Framework
ricci Remote Cluster and Storage Management System
ruby An interpreter of object-oriented scripting language
sane-backends Scanner access software
scribus DeskTop Publishing application written in Qt
setroubleshoot Helps troubleshoot SELinux problems
stardict A powerful dictionary platform written in GTK+2
system-config-bind BIND DNS Configuration Tool
system-config-httpd Apache configuration tool
system-config-kickstart A graphical interface for making kickstart files
systemtap Instrumentation System
texlive Binaries for the TeX formatting system
tokyocabinet A modern implementation of a DBM
torque Tera-scale Open-source Resource and QUEue manager
unixODBC A complete ODBC driver manager for Linux
uuid Universally Unique Identifier library
xsane X Window System front-end for the SANE scanner interface
yum-utils Utilities based around the yum package manager

Legacy and low-priority

Package Description Notes
dump Programs for backing up and restoring ext2/ext3 filesystems
xen Xen is a virtual machine monitor
gnupg A GNU utility for secure communication and data storage
beecrypt An open source cryptography library
cyrus-imapd A high-performance mail server with IMAP, POP3, NNTP and SIEVE support
uw-imap UW Server daemons for IMAP and POP network mail protocols
inn The InterNetNews system, an Usenet news server
nss_compat_ossl Source-level compatibility library for OpenSSL to NSS porting
syslinux Simple kernel loader which boots from a FAT filesystem
fetchmail A remote mail retrieval and forwarding utility
w3m A pager with Web browsing abilities
gnome-vfs2 The GNOME virtual file-system libraries
gthumb Image viewer, editor, organizer
slrn A threaded Internet news reader
compat-gcc-34 Compatibility GNU Compiler Collection
compat-db The Berkeley DB database compatibility library
xdelta A binary file delta generator and an RCS replacement library.
isdn4k-utils Utilities for configuring an ISDN subsystem.
sharutils The GNU shar utilities for packaging and unpackaging shell archives
busybox Statically linked binary providing simplified versions of system commands

Configuration

Various packages support SHA-256, but their default configuration does not use it. Note that configuring the packages to use SHA-256 may prevent interoperability with systems that do not use SHA-256.

aide

Add the sha256 or sha512 group to your aide.conf.

krb5

On the KDC, add

master_key_type = aes256-cts
supported_enctypes = aes256-cts:normal

to your realm configuration in kdc.conf.

On all machines add the following to the [libedefaults] section of krb5.conf:

default_tgs_enctypes = aes256-cts-hmac-sha1-96
default_tkt_enctypes = aes256-cts-hmac-sha1-96
permitted_enctypes = aes256-cts-hmac-sha1-96
kdc_req_checksum_type = 12
ap_req_checksum_type = 12
safe_checksum_type = 12

nss_ldap

(After #487173 is applied, add information about pam_password and *rounds* here.)

pam

pam_unix uses DES to encrypt passwords by default. Add the sha256 or the sha512 option to use SHA-2. (This already the default in Fedora.)

openssh

To use a SHA-1 HMAC with ssh and related programs, define the MACs=hmac-sha1 option on the command line or in your configuration file.

rpm

To use SHA-256 in file digests, define the following RPM macros:

_source_filedigest_algorithm 8
_binary_filedigest_algorithm 8

(or just install redhat-rpm-config)

To use SHA-256 in PGP signatures, use an RSA key (at least 2048 bits recommended, otherwise the signature would be significantly weaker than the hash), and define the following RPM macro when signing the packages:

__gpg_sign_cmd %{__gpg} gpg --force-v3-sigs --digest-algo sha256 --batch --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u "%{_gpg_name}" -sbo %{__signature_filename} %{__plaintext_filename}

crytpsetup-luks

cryptsetup create uses RIPEMD160 by default when generating an encryption key. To use SHA-2, use the -h sha256 option.

Done

These packages were already migrated, or the features that need migrating are not essential. The "Notes" column should contain enough information to migrate from SHA-256 to a stronger hash in the future.

Package Description Notes
amanda A network-capable tape backup solution Only uses HMAC-SHA-1 to authenticate to Amazon S3
aide Intrusion detection environment
  • See #aide for configuration.
  • Already supports SHA-256 and SHA-512 in the "file" backend, but not the SQL backend (#485250).
coreutils A set of basic GNU tools commonly used in shell scripts
  • sha256sum et al are provided.
  • sort -R uses MD-5 to generate random (but repeatable) comparison results.
dbus D-BUS message bus Only uses SHA-1 for DBUS_COOKIE_SHA1 authentication, which is not used in Fedora (#485277).
glibc The GNU libc libraries
  • crypt() already supports SHA-256 and SHA-512.
  • localedef uses MD5 to detect duplicate items when creating locale.archive without any collision handling (#485453).
nss_db An NSS library for the Berkeley DB The integrated db4:
  • Uses SHA-1 to derive encryption and MAC keys from passwords.
  • Uses HMAC-SHA1 to verify integrity of encrypted pages.
nss_ldap NSS library and PAM module for LDAP
  • Uses MD5 only to generate password salts.
  • Depending on pam_password, may use DES or MD5 crypt() for modified userPassword (verification is done on server, and OpenLDAP appears to support SHA-2); patch for adding support for SHA-2 to pam_ldap is in #487173.
pam_pkcs11 PKCS #11/NSS PAM login module
  • Signs a SHA-1 hash of a random value to verify user's control of a token, SHA-1 used only as a transformation of the random data (the token signs the hash, not the data).
  • digest_mapper indexes certificates using a digest, using any algorithm supported by the crypto library.
pam_smb A Pluggable Authentication Module (PAM) for use with SMB servers. Uses MD4 and DES as part of SMB authentication.
rpm The RPM package management system
  • Already supports SHA-256 for RPMTAG_FILEDIGESTS.
  • Already supports SHA-256 in public key signatures (RSA v3 signatures only).
  • User interface for file digests often says "md5" (#487597).
  • Some tags hard-code hash types: RPMSIGTAG_MD5, RPMSIGTAG_SHA1, RPMSIGTAG_DSA (hard-coded SHA-1).
  • Public key fingerprint computation uses SHA-1.
yum RPM installer/updater
  • Computes MD5, SHA-1 and SHA-256 hashes of repomd.xml to be verified against metalink data.
  • Verifies hashes of repodata files, and of downloaded packages, using hashes specified in the repodata.
  • Uses MD5 and SHA-1 to compute PGP key fingerprints.
  • Verifies installed files using the hash specified in FILEDIGESTALGO.
udev A userspace implementation of devfs
  • MD5 is used for generation of UUID of the macitosh file system HFS.
  • USE_MAKEDEV_CACHE uses MD5 of a makedev.d file to generate a processed version, without any collision checking; could be exploited only by system administrator.
cryptsetup-luks A utility for setting up encrypted filesystems
  • cryptsetup create uses ripemd160 by default for key generation from passwords (see #cryptsetup-luks for configuration).
  • Uses HMAC_SHA1 in PBKDF2 key derivation.
  • Uses SHA1 to generate a random value to XOR data with.
yp-tools NIS (or YP) client programs. yppasswd replaced SHA-2 hashes with a DES hash (#487607).