From: Stephen Hemminger <stephen@networkplumber.org>
To: Eric Biggers <ebiggers@kernel.org>
Cc: netdev@vger.kernel.org, David Ahern <dsahern@gmail.com>,
Andrea Mayer <andrea.mayer@uniroma2.it>,
David Lebrun <dlebrun@google.com>
Subject: Re: [PATCH iproute2-next v2] man8: ip-sr: Document that passphrase must be high-entropy
Date: Wed, 20 Aug 2025 09:25:35 -0700
Message-ID: <20250820092535.415ee6e0@hermes.local>
In-Reply-To: <20250816031846.483658-1-ebiggers@kernel.org>
On Fri, 15 Aug 2025 20:18:46 -0700
Eric Biggers <ebiggers@kernel.org> wrote:
> diff --git a/man/man8/ip-sr.8 b/man/man8/ip-sr.8
> index 6be1cc54..cd8c5d18 100644
> --- a/man/man8/ip-sr.8
> +++ b/man/man8/ip-sr.8
> @@ -1,6 +1,6 @@
> -.TH IP\-SR 8 "14 Apr 2017" "iproute2" "Linux"
> +.TH IP\-SR 8 "15 Aug 2025" "iproute2" "Linux"
NAK - do not change man page date for each change.
> .SH "NAME"
> ip-sr \- IPv6 Segment Routing management
> .SH SYNOPSIS
> .sp
> .ad l
> @@ -32,13 +32,21 @@ internal parameters.
> .PP
> Those parameters include the mapping between an HMAC key ID and its associated
> hashing algorithm and secret, and the IPv6 address to use as source for encapsulated
> packets.
> .PP
> -The \fBip sr hmac set\fR command prompts for a passphrase that will be used as the
> -HMAC secret for the corresponding key ID. A blank passphrase removes the mapping.
> -The currently supported algorithms for \fIALGO\fR are \fBsha1\fR and \fBsha256\fR.
> +The \fBip sr hmac set\fR command prompts for a newline-terminated "passphrase"
That implies that newline is part of the pass phrase.
The code to read password is using getpass() which is marked as obsolete
in glibc. readpassphrase is preferred.
> +that will be used as the HMAC secret for the corresponding key ID. This
> +"passphrase" is \fInot\fR stretched, and it is used directly as the HMAC key.
> +Therefore it \fImust\fR have enough entropy to be used as a key. For example, a
> +correct use would be to use a passphrase that was generated using
> +\fBhead\~-c\~32\~/dev/urandom\~|\~base64\~-w\~0\fR.
Shouldn't /dev/random be used instead of /dev/urandom for keys?
Also, I would prefer the original author evaluate this.
> +.PP
> +A blank "passphrase" removes the mapping.
> +.PP
> +The currently supported algorithms for \fIALGO\fR are \fBsha1\fR and
> +\fBsha256\fR.
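Review bot: "newline-terminated "passphrase"" on the first added line of this hunk leaves open whether the terminating newline becomes part of the HMAC key; since the same paragraph says the input is used directly as the key with no stretching, say explicitly that the newline only ends input and is not part of the secret (or document that it is, if the implementation keeps it). The entropy requirement would also be easier to act on with a stated floor: the example feeds 32 random bytes (256 bits) into base64, but "enough entropy to be used as a key" names no minimum, so a reader cannot tell whether a shorter random string would still be acceptable.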
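The quoted man page text says the secret is used directly as the HMAC key, with no stretching. The following is an added example, not code from this thread or from iproute2, that shows why that matters: a low-entropy passphrase can be recovered from a single known (message, tag) pair at the cost of one HMAC per guess, while a key generated the way the man page suggests cannot. It also shows that keeping or stripping the terminating newline changes the tag. The sample message and the candidate wordlist are constructed for the demonstration; the real input the kernel's SRv6 code feeds to the HMAC is defined elsewhere and is not modelled here.

```python
"""Added example (not iproute2 code): an unstretched HMAC "passphrase" must be high-entropy."""
import base64
import hmac
import secrets

# Algorithms accepted by `ip sr hmac set` according to the man page text quoted above.
ALGOS = {"sha1", "sha256"}

# Constructed placeholder. The real SRv6 HMAC input is defined by the kernel's
# segment-routing implementation; this string only stands in for it.
SAMPLE_MESSAGE = b"srh: src=2001:db8::1 keyid=7 segs=[2001:db8::2]"

# Constructed low-entropy candidates an attacker would try first.
WEAK_PASSPHRASES = [b"password", b"hunter2", b"segment", b"secret", b"changeme"]


def generate_key() -> bytes:
    """Python equivalent of `head -c 32 /dev/urandom | base64 -w 0`:
    256 random bits rendered as 44 base64 characters (no trailing newline)."""
    return base64.b64encode(secrets.token_bytes(32))


def compute_tag(key: bytes, algo: str, message: bytes = SAMPLE_MESSAGE) -> bytes:
    """The secret is used *directly* as the HMAC key: no salt, no KDF, no stretching."""
    if algo not in ALGOS:
        raise ValueError(f"unsupported algorithm: {algo}")
    return hmac.new(key, message, algo).digest()


def newline_changes_tag(passphrase: bytes, algo: str = "sha256") -> bool:
    """True if keeping the terminating newline as part of the key gives a different tag,
    i.e. whether the documentation must say if the newline belongs to the secret."""
    with_nl = compute_tag(passphrase + b"\n", algo)
    without_nl = compute_tag(passphrase, algo)
    return not hmac.compare_digest(with_nl, without_nl)


def recover_key(tag: bytes, algo: str, candidates, message: bytes = SAMPLE_MESSAGE):
    """Offline guessing from one observed (message, tag) pair.
    Each guess costs exactly one HMAC because nothing stretches the key.
    Returns (recovered_key, guesses_tried); recovered_key is None if no candidate matched."""
    tried = 0
    for cand in candidates:
        tried += 1
        if hmac.compare_digest(hmac.new(cand, message, algo).digest(), tag):
            return cand, tried
    return None, tried


if __name__ == "__main__":
    weak = b"hunter2"
    found, n = recover_key(compute_tag(weak, "sha256"), "sha256", WEAK_PASSPHRASES)
    print(f"weak passphrase recovered: {found!r} after {n} HMAC computations")

    strong = generate_key()
    found, n = recover_key(compute_tag(strong, "sha256"), "sha256", WEAK_PASSPHRASES)
    print(f"random 256-bit key: {found!r} after {n} guesses; exhaustive search is 2**256")

    print("including the newline in the key changes the tag:", newline_changes_tag(weak))
```

The wordlist attack above is the whole threat model for an unstretched key: whoever can capture one authenticated packet can test candidates as fast as their hardware computes HMACs, which is why the man page needs a concrete entropy floor rather than a free-form "passphrase".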
Thread overview:
2025-08-16 3:18 [PATCH iproute2-next v2] man8: ip-sr: Document that passphrase must be high-entropy Eric Biggers
2025-08-20 16:25 ` Stephen Hemminger [this message]
2025-08-20 18:43 ` Eric Biggers
2025-08-20 19:54 ` Stephen Hemminger
2025-08-20 22:07 ` Andrea Mayer
2025-08-21 3:21 ` Eric Biggers
2025-08-22 23:39 ` Paolo Lungaroni
2025-08-23 0:08 ` Eric Biggers