Re: Wireless Keys stored unencrypted?

From: Jirka Klimes <jklimes redhat com>
To: networkmanager-list gnome org
Subject: Re: Wireless Keys stored unencrypted?
Date: Tue, 21 Jun 2011 18:27:48 +0200

On Tuesday 21 of June 2011 14:04:58 Darren Albers wrote:
> On Tue, Jun 21, 2011 at 1:08 AM, Dan Williams <dcbw redhat com> wrote:
> > On Mon, 2011-06-20 at 17:18 +0530, Ritesh Khadgaray wrote:
> >> Hi
> >> 
> >> On Sat, Jun 18, 2011 at 7:57 AM, Darren Albers <dalbers gmail com> wrote:
> >> > While doing some research I noticed that wireless keys are located
> >> > unencrypted in /etc/sysconfig/network-scripts  It even does this when
> >> > I set the wireless to not be a system-connection.   It used to be that
> >> > wireless keys were stored in the keyring which seems much safer to me
> >> > than storing them locally unencrypted.
> >> 
> >> interesting, I am not an nm developer but this seems to stem from
> >> keyfile plugin and relies on file selinux label/permission for
> >> protection.
> >> 
> >> I also do not  see an option to not save the password.
> > 
> > Correct, the passwords are not encrypted because there is no user
> > available to provide passwords.  The passwords are, however, only
> > visible too 'root' and thus should be protected; if your root user is
> > compromised you're hosed.  This is also how existing system have worked
> > for years, so NM certainly isn't a regression here.
> > 
> > You can also opt to keep your secrets in the user keyring, which is
> > accomplished by "secret flags".  For example, if you set 'psk-flags=0x1'
> > in the keyfile for a WPA-PSK connection, then NM will ask a user agent
> > (like nm-applet) for the password instead of keeping it in /etc.  This
> > option is only exposed for 802.1x and LEAP passwords though (via the
> > "Always ask for this password" checkbox) because only those password
> > types are really personal passwords; a WPA-PSK or WEP key really isn't
> > personal.
> > 
> > VPN connections also default to having secrets owned by the user's
> > session in a keyring.
> > 
> > Dan
> 
> Thank you Dan!   It sounds like I am incorrect but I used to recall
> that if a connection was not a system connection that the key would be
> stored in the keyring and that was the default.  Is that not the case
> any longer?
> 

With NM 0.9 we get rid of user connections, so we have just system connections 
(stored and managed by NM itself). And connection visibility only for some 
users is obtained via permissions in every connection (see USERS= in ifcfg 
files).
As far as secrets are concerned, there are now "Secret Propery Flags" flags 
saying where the password is stored; see 
http://projects.gnome.org/NetworkManager/developers/migrating-to-09/secrets-
flags.html
By default, secrets are stored by NM (flag 0x00). But, as Dan said, for certain 
connection types (like VPN), the password is rather stored by the client (in a 
keyring) by default.

Jirka

Follow-Ups:
- Re: Wireless Keys stored unencrypted?
  - From: Darren Albers

References:
- Wireless Keys stored unencrypted?
  - From: Darren Albers
- Re: Wireless Keys stored unencrypted?
  - From: Dan Williams
- Re: Wireless Keys stored unencrypted?
  - From: Darren Albers

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]