This is the mail archive of the ecos-discuss@sources.redhat.com mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Protecting RedBoot in the field


On Mon, 2002-10-28 at 08:17, Andrew Lunn wrote:
> > That said, I think a password (stored in 'fconfig') would be a
> > great addition.
> 
> I wondered about encrypting the passwd so its not plain text. But does
> that get is into US export regulation problems? Is crypt(3) still
> under restrictions? Can anybody suggest an alternative?

The restrictions on most simple algorithms (IIRC less than 56 bit
keys) have been lifted for a couple of years.

That said, the encryption could be quite simple as this is only
a first level defense.  Anyone who could be attempting to use
this to get into RedBoot will most likely have physical access
to the unit anyway, so heroic attempts at security probably are
not warranted.  (Of course, feel free to contradict me on this)

-- 
------------------------------------------------------------
Gary Thomas                  |
eCosCentric, Ltd.            |  
+1 (970) 229-1963            |  eCos & RedBoot experts
gthomas@ecoscentric.com      |
http://www.ecoscentric.com/  |
------------------------------------------------------------


-- 
Before posting, please read the FAQ: http://sources.redhat.com/fom/ecos
and search the list archive: http://sources.redhat.com/ml/ecos-discuss


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]