[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tcfs
Subject:    Re: A problem with tcfspl6
From:       Dan Adrian Nutu <dannutu () pcnet ! pcnet ! ro>
Date:       1997-06-13 19:07:07
[Download RAW message or body]

Terrence Martin said:

>Yes! You can change your session key.
>      This is done using the tcfslogin command with the -k flag (see
>tcfslogin(1) man page).

Ok, I guess that's the new version of tcfslogin.


>So now I have a problem, tcfslogin accepts my password but when I access
>my secure files I get a bunch of garbage(not like the encrypted filename
>but random characters) and a whole bunch of file not found errors.
>
>twm139@arnold ~/secure$ ls
>ls: ;{AnjNj8h%*E: No such file or directory
>ls: #P<U#'l|L
>                   : No such file or directory
>ls: OuRFt#Vb: No such file or directory
>ls: 
>      E}w     1I`#: No such file or directory
>ls: f$YRJ |
>                9m    @b     @     @     @     @     @P@c@: No such file
>or directory
>ls: e
>Y3": No such file or directory
>
>So tell me, am I screwed?
>
>I noticed that a file /etc/tcfspasswd.OLD file is created, unfortunately I
>do not think it is the original before I had problems since I did a few
>password changes before I realized it was there. 
>
>Now what kind of recovery capabilities are there with tcfs, is there any
>way to confirm that I have the proper pass phrase? Could my login password
>gotten out of sync with the tcfs password?


If it did I'm afraid you just kissed your files good-bye :-(

tcfsgenkey generates a random key, encrypts it using des and
your real cryp(3)ed password entry (/etc/passwd) as the key,
and and stores it in /etc/tcfspasswd (encoded with base64).

tcfslogin decodes (with base64) the tcfs key taken from
/etc/tcfspasswd and then `decrypts' it using des and your
typed-in password as the key. This is the real key tcfs
uses when crypting and decrypting files. At least in my
version of tcfs...

Now: if you changed /etc/passwd you must type the new password
when using tcfslogin, or it will refuse to run. I _assume_
tcfslogin -k uses the typed-in password with a base64 encoded
tcfs key from another file the same way it does with the tcfs
key from /etc/tcfspasswd. If (and _only_ _IF_) this is true
_and_ if you changed /etc/passwd with the system passwd command
(not the one that came with tcfs) you can change your system
password back to what it was and try to use /etc/tcfspasswd.
If /etc/tcfspasswd was modified, but not with the passwd command
that came with tcfs I'm afraid you don't have any way of
regenerating the original key :-( If /etc/tcfspasswd was
modified only by the passwd command that came with tcfs I
suspect a bug (less likely) or a wrong command order (more
likely). Did you tcfslogout between password changes?

Anyway, I don't have the source code for the new version of
tcfs (and I don't intend to get it soon), so all this may
be as well crappy :-)

My best wishes in your quest ;-)

PS: Is there anybody else on this list?!?? Any author?


-- 
cul8r,
Dan
         Sham incalekat pe retzea shi vam trimisssz poshta asha :)

  dannutu@pcnet.pcnet.ro   dannutu@ulise.cs.pub.ro   (14503@pager.cnm.ro)

[prev in list] [next in list] [prev in thread] [next in thread]