[unisog] Password Vaults

Valdis.Kletnieks at vt.edu
Mon Oct 6 21:08:32 GMT 2008


On Mon, 06 Oct 2008 14:24:56 MDT, Trevor Odonnal said:

> 2. The software changes the password automatically when it is checked back in
> to the vault

Looks like a single-point-of-failure mode waiting to happen.  Make sure you
have a plan for being able to log in to your servers if your vault software goes
belly-up.  This sort of thing failing is bad enough if the last sysadmin
who checked out the password might still have a record of it(*), it's even
worse if there isn't a cleartext version of the new password *anyplace*...

Also, note that the act of giving the vaulting software the necessary access
to change the root password means you're possibly opening up a *huge* security
hole if the vaulting software doesn't authenticate itself to the system in
a truly secure unspoofable manner...

(*) Yes, the sysadmin is going to have a copy of it someplace.  He just
checked out the root password, which is probably something like '9$e23G!*//L'.
How's he going to enter that if he doesn't have it available somehow?  And
if it *isn't* a randomized password like that, what are you doing to enforce
password strength requirements?
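A worked example of the three points in the message above (a break-glass copy must exist before the password is changed, the host must be able to tell a genuine vault request from a spoofed one, and the generated password must meet a strength policy), added here and not taken from Valdis's post or from any vault product. Everything in it is a stand-in chosen for illustration: the hostname, the vault key, the in-memory escrow store and the HMAC-tagged change request are assumptions, and a real deployment would use its own transport (for instance SSH with pinned host keys) and a sealed offline escrow outside the vault's failure domain.

```python
"""Rotate-on-check-in done in a recoverable order: escrow, verify, change, record.

Added example; the names, keys and stores below are hypothetical stand-ins.
"""
import hashlib
import hmac
import secrets
import string

LETTERS_DIGITS = string.ascii_letters + string.digits
PUNCT = "!$*/#%&@"
ALPHABET = LETTERS_DIGITS + PUNCT


class RotationError(Exception):
    """Raised when a check-in rotation must not (or could not) proceed."""


def meets_policy(pw: str, min_len: int = 12) -> bool:
    """Strength policy: minimum length plus lower, upper, digit and punctuation."""
    classes = (
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(c in PUNCT for c in pw),
    )
    return len(pw) >= min_len and all(classes)


def generate_password(length: int = 16) -> str:
    """Draw from the CSPRNG until the policy is met; reject lengths that never can be."""
    if length < 12:
        raise ValueError("length below policy minimum would loop forever")
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if meets_policy(pw):
            return pw


class BreakGlassEscrow:
    """Stand-in for the out-of-band copy (sealed envelope, HSM-wrapped file, second
    independent store). Its job is to survive the vault going belly-up."""

    def __init__(self):
        self._records = {}

    def store(self, host: str, pw: str) -> None:
        self._records[host] = pw

    def get(self, host: str):
        return self._records.get(host)


def request_tag(vault_key: bytes, host: str, new_pw: str) -> bytes:
    """MAC binding the vault's identity to this exact host and new password, so a
    spoofed rotation request without the enrolled key cannot be forged."""
    return hmac.new(vault_key, f"{host}\0{new_pw}".encode(), hashlib.sha256).digest()


class ManagedHost:
    """Simulated target. Accepts a password change only if the request carries a
    valid tag under the vault key it was enrolled with and the current password."""

    def __init__(self, name: str, vault_key: bytes, password: str):
        self.name = name
        self._vault_key = vault_key
        self.password = password

    def change_password(self, old_pw: str, new_pw: str, tag: bytes) -> None:
        expected = request_tag(self._vault_key, self.name, new_pw)
        if not hmac.compare_digest(expected, tag):
            raise RotationError("request is not authenticated as the vault")
        if not hmac.compare_digest(old_pw.encode(), self.password.encode()):
            raise RotationError("current password rejected")
        self.password = new_pw


def check_in(vault: dict, escrow: BreakGlassEscrow, host: ManagedHost, vault_key: bytes) -> str:
    """Rotate on check-in. Order matters: the escrow copy exists before the host
    changes, and the vault itself is the last place to learn the new value."""
    old = vault[host.name]
    new = generate_password()
    escrow.store(host.name, new)                      # 1. copy outside the vault first
    try:
        host.change_password(old, new, request_tag(vault_key, host.name, new))
    except RotationError:
        escrow.store(host.name, old)                  # 2. change failed: escrow must match reality
        raise
    vault[host.name] = new                            # 3. vault record updated last
    return new


if __name__ == "__main__":
    key = secrets.token_bytes(32)                     # hypothetical enrolled vault key
    box = ManagedHost("db01.example", key, "Initial1!pw")
    vault = {"db01.example": "Initial1!pw"}
    escrow = BreakGlassEscrow()
    fresh = check_in(vault, escrow, box, key)
    print("rotated; escrow matches host:", escrow.get(box.name) == box.password)
```

If the vault dies after step 2 but before step 3, the escrow still holds the password that is now set on the host, which is exactly the copy the message says you need. A request tagged with any key other than the enrolled one is refused before the current password is even checked, and a rotation that fails at the host rolls the escrow back so it never advertises a password the host does not have.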