Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Sat, 19 Mar 2011 03:05:21 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: bitslice DES on AVX

On Thu, Mar 17, 2011 at 11:08:10PM +0100, rembrandt wrote:
> I own such a CPU (i7-2600, 3,4Ghz)... :-)
> 
> Just I've no *NIX yet on it. I could offer it to you as a testbox for a
> while (ssh) or if you tell me what tests you need I'll perform these.

I'd appreciate it if you boot it up off an Owl LiveCD (x86_64) and let
me SSH in (please provide the login details off-list).  I've attached
our standard instructions (which we normally use for remote installs of
Owl).  The download links are right here:

http://www.openwall.com/Owl/

(BTW, we've updated Owl-current to use OpenSSL 1.0.0d since the last
discussion in here.)

> Also I noticed the CPU supports AES (did not checked what modes) so
> maybe that' also worth locking.

It does (one instruction per AES round, not a specific mode).  In fact,
this was introduced earlier, not with Sandy Bridge.  I am considering
making use of this for a related purpose - see our GSoC ideas list:

http://openwall.info/wiki/ideas

If JtR ever needs to crack anything based on AES where performance
of AES encryption itself matters (normally, there would be a slow key
derivation function instead), then these instructions will also be
useful for JtR.

Thanks,

Alexander

1. Boot off the Owl x86_64 CD.

2. When the shell prompt appears, enter "setup".

3. In "setup", choose "Set root password" and set a temporary root
password for the CD-booted system.

4. Also in "setup", choose "Configure network" to configure networking
for the CD-booted system.

5. Do not bother configuring anything else, just "Exit" from "setup".

6. "exit" from the single-user shell.  The system will proceed to boot
into multi-user, and a "login:" prompt should appear.

7. Make sure you can ping the system at the IP address you've
configured.  Similarly, make sure you can SSH into the system at the
IP address and with the temporary root password you've configured.
(If not, repair whatever you might have misconfigured, either by
starting this procedure from scratch or by logging in and fixing it if
you know how to do that.)

An alternative test is to login to the CD-booted system and try to ping
another machine from it.

A potential problem is that the machine may have multiple NICs, whereas
you'd only connect cables to some of them.  You may fix this by
re-connecting cables until ping succeeds or by configuring other NICs in
the system (but avoid having the same network/netmask configured on
multiple interfaces at once).  To get a list of all Ethernet interfaces
the Linux kernel sees, run the commands:

ip link | fgrep eth
dmesg | fgrep eth

8. Leave the system at the login prompt and communicate to us two
things: the temporary root password and the system's IP address you've set.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ