diff options
| author | agc <agc@pkgsrc.org> | 2007-05-10 18:18:16 +0000 |
|---|---|---|
| committer | agc <agc@pkgsrc.org> | 2007-05-10 18:18:16 +0000 |
| commit | 0ac665d99bb0afdda1da65501c81b8a9b2bd80a9 (patch) | |
| tree | f6149a3773a15937f732e6691a7e8d86edc574d2 /security/sbd/patches | |
| parent | 0632bfa1d22f46aa144c5722dbff3b2ccad84b7a (diff) | |
| download | pkgsrc-0ac665d99bb0afdda1da65501c81b8a9b2bd80a9.tar.gz | |
Initial import of sbd-0.5 into the Packages Collection.
One-time cipher based back door program for executing emergency
commands.
Secure Back Door(SBD) is an alternative to leaving SSH open all the
time. It is based on a secure one-time keypad method, that insures
maximum security. Since SBD is very small, it is less likely to have
security exploits, as compared to SSH. Therefore, you could leave an
important computer up and running with just sbdd running in the
background, and if an emergency came about, you could simple execute a
command to bring ssh up, then work on the computer as regular. It
would be as simple as doing ./sbd domain.com "/etc/init.d/sshd start",
and with the proper key file set, the remote computer would have ssh
up and running shortly.
Diffstat (limited to 'security/sbd/patches')
| -rw-r--r-- | security/sbd/patches/patch-aa | 22 | ||||
| -rw-r--r-- | security/sbd/patches/patch-ab | 33 |
2 files changed, 55 insertions, 0 deletions
diff --git a/security/sbd/patches/patch-aa b/security/sbd/patches/patch-aa new file mode 100644 index 00000000000..318c4f04b33 --- /dev/null +++ b/security/sbd/patches/patch-aa @@ -0,0 +1,22 @@ +$NetBSD: patch-aa,v 1.1.1.1 2007/05/10 18:18:16 agc Exp $ + +--- sbd.cpp 2007/05/10 09:59:22 1.1 ++++ sbd.cpp 2007/05/10 10:00:30 +@@ -121,7 +121,7 @@ + + // We always assume server recieved the command ok + // truncate file so same bytes are not used +- truncateFile("enckey.bits", keyBytesUsed); ++ truncateFile(PKG_SYSCONFDIR "/" "enckey.bits", keyBytesUsed); + + return 0; + } +@@ -136,7 +136,7 @@ + eMsg=""; // Finished cypher text + + // get key bytes from file +- readKey("enckey.bits", key, SHA1_SIZE*2 + msg.size()); ++ readKey(PKG_SYSCONFDIR "/" "enckey.bits", key, SHA1_SIZE*2 + msg.size()); + + // Copy 20 bytes of key over to hashOTP for computing HMAC-SHA1 + for (i = 0; i < SHA1_SIZE; i++) diff --git a/security/sbd/patches/patch-ab b/security/sbd/patches/patch-ab new file mode 100644 index 00000000000..7140672f82a --- /dev/null +++ b/security/sbd/patches/patch-ab @@ -0,0 +1,33 @@ +$NetBSD: patch-ab,v 1.1.1.1 2007/05/10 18:18:16 agc Exp $ + +--- sbdd.cpp 2007/05/10 09:59:22 1.1 ++++ sbdd.cpp 2007/05/10 10:01:05 +@@ -110,8 +110,8 @@ + return 1; + } + +- readKey("athkey.bits", authBytes, AUTH_SIZE); +- truncateFile("athkey.bits", AUTH_SIZE); ++ readKey(PKG_SYSCONFDIR "/" "athkey.bits", authBytes, AUTH_SIZE); ++ truncateFile(PKG_SYSCONFDIR "/" "athkey.bits", AUTH_SIZE); + + for (i = 0; i < authBytes.size() ; i++) + { +@@ -180,7 +180,7 @@ + unsigned char hashOTP[SHA1_SIZE]; // First 20 bytes of OTP used to comput HMAC-SHA1 + unsigned char finishedHash[SHA1_SIZE]; // Finished HMAC-SHA1 hash + +- readKey("deckey.bits", key, infileCmd.size()+SHA1_SIZE); ++ readKey(PKG_SYSCONFDIR "/" "deckey.bits", key, infileCmd.size()+SHA1_SIZE); + + // Copy 20 bytes of key over to hashOTP for computing HMAC-SHA1 + for (i = 0; i < SHA1_SIZE; i++) +@@ -227,7 +227,7 @@ + logFile << "system() returned : " << system(cmd.c_str()) << endl; + + //truncate bytes file +- truncateFile("deckey.bits", infileCmd.size()+SHA1_SIZE); ++ truncateFile(PKG_SYSCONFDIR "/" "deckey.bits", infileCmd.size()+SHA1_SIZE); + return 0; + } + |