Inguqulelo entsha ye-passwdqc 2.0.0 sele ikhutshiwe, apho ku eyona nto intsha inoveli yinkxaso yeefayile zangaphandle zokucoca iphasiwedi, kubandakanya iifayile zebhanari, okwangoku ekuphunyezweni kwefilogu ephuculweyo.
Kulungiselelwe abo bangaziyo nge-passwdqc, kufuneka bayazi loo nto Esi siseti yezixhobo zokulawula ubunzima beephasiwedi kunye nezivakalisi, ebandakanya imodyuli ye-pam_passwdqc, i-pwqcheck, i-pwqfilter (eyongezwe kolu khululo), kunye ne-pwqgen yokusetyenziswa kwesandla okanye okubhaliweyo, kunye nelayibrari ye-libpasswdqc.
Zombini iinkqubo ezinePAM (uninzi lweLinux, FreeBSD, DragonFly BSD, Solaris, HP-UX) kunye neenkqubo ngaphandle kwePAM ziyaxhaswa (ujongano lwegama eligqithisiweyo lixhaswa kwi-OpenBSD, ikhonkco eliqhotyoshelwe ekusebenziseni i-pwqcheck kwi-PHP, kukho ingxelo ehlawulelweyo yeWindows kunye iinkqubo kunye nelayibrari zinokusetyenziswa kwezinye iinkqubo).
ipasswdqc yenza umsebenzi olunge kakhulu ngokungagqithisi amagama agqithisiweyo ngaphandle kokusebenzisa iifayile zangaphandle. Ukusetyenziswa kwayo kunokuqhubeka nokuphucula ukusebenza kakuhle ye-passwdqc ngaphandle kokuphazamiseka okungakumbi kubasebenzisi, okanye banokuyekisa eminye imiqobo.
I-NIST icebisa oku kungqinwa kwamagama akhethiweyo ngumsebenzisi ngokuchasene nokuvuza okwaziwayo. Kwaye kwiprojekthi ye-Openwall, eli lithuba elinokubakho lokuxhasa ngemali uphuhliso lwe-passwdqc (kwaye ayisiyiyo kuphela) ngokuthengisa iifilitha ezenziwe kwangaphambili, ngaphandle kokukhawulela abasebenzisi kubuchule bokwenza izihluzi ngokwabo besebenzisa inkqubo ye-pwqfilter epapashiweyo. iphepha-mvume lasimahla.
Inkqubo i-pwqfilter isebenza ngentambo engenakuphikiswa kwaye inokusetyenziselwa indawo ye-grep ngeenjongo ezininzi ngaphaya kwephasiwedi kunye nokhuseleko. Ngale nto engqondweni, i-pwqfilter ineenketho ezininzi ezifanayo nezo zifunyenwe kwi-grep, kuthintela ukusebenzisa amagama okhetho aphikisana nee-grep's, kwaye isebenzisa iikhowudi ezifanayo zokubuyisa njenge-grep.
Iimpawu ezintsha eziphambili zepassddc 2.0.0
Njengoko kukhankanyiwe ekuqaleni Olona hlobo lutsha lwenguqulelo entsha yinkxaso yeefayile zangaphandle zokucoca iphasiwedi kwaye yile Xa kuthelekiswa neenguqulelo zangaphambili, eli cebo liqinisekisiweyo ukuba aliyi kuvumela nawaphi na amagama agqithisiweyo angavumelekanga ukuba adlule, kodwa ngamanye amaxesha inokukhokelela kwiziphumo ezingeyonyani, ezinokwenzeka ukuba azinakuthelekiswa nanto kuseto kunye nealgorithm esetyenziswe kwi-passwdqc.
Ukujonga igama eligqithisiweyo lobukho becebo lokucoca akufuneki ukufikelela kokungafundeki okungaphaya kokubini okuvela kwidiski, ekhawulezayo kakhulu kwaye ngokubanzi ayenzi mthwalo ungaphezulu kwiserver.
Ukwenza kunye nokusebenza kunye neefilitha zeefilitha, inkqubo ye-pwqfilter yongezwe kwi-passwdqc, ekuvumela ukuba wenze icebo lokucoca ulwelo kuluhlu lwamagama okugqitha kunye ne-MD4 okanye i-NTLM ngokukhawuleza.
Inkxaso ye-hashes ye-NTLM ivumela ukungenisa amagama okugqitha kuluhlu lwe-HIBP (Amaphasiwedi agqithisiweyo) asasazwa ngale ndlela. Umsebenzi omninzi uye wenziwa ekusebenziseni i-pwqfilter ngokwesantya, ukudityaniswa kwezihluzo ezibangelwe, kunye nenqanaba lealam zokuxoka.
Umzekelo, yenza isihluzo se-cuckoo nge-98% yomthwalo osuka kwifayile ye-21 GiB (22 GB) efakwe kwi-passwords-ntlm-order-by-hash-v7.txt engaphezulu kwe-613 yezigidi zemigca ethatha malunga nemizuzu esi-8 kwiCore. Inkqubo ye-i7-4770K.
Isihluzi esivelisayo yi-2,3 GiB (2,5 GB) kwaye inenqanaba elichanekileyo lobuxoki elimalunga ne-1 kwi-1,15 yezigidigidi. Ngento ekujoliswe kuyo ekulayisheni umthwalo, isihluzo sinokudalwa ngokukhawuleza okukhulu kwaye sinokuba namaqondo asezantsi olungileyo, kodwa ubungakanani becebo lokucoca ulwelo liya kuba likhulu.
Gqibela ukuba unomdla wokwazi okungakumbi ngayo malunga nale nguqulo ikhutshiweyo ungajonga iinkcukacha Kule khonkco ilandelayo.
Uyifaka njani iPasswdqc kunye noBuntu kunye neziphumo?
Kulabo abanomdla wokukwazi ukufaka iPasswdqc kwinkqubo yabo, banokwenza oko ngokulandela imiyalelo esabelana ngayo ngezantsi.
Iphakheji enjalo ingaphakathi koovimba bobuntu, Nangona inguqulelo entsha ingekahlaziywa ngaphakathi koovimba, ngumcimbi nje wokulinda iintsuku ezimbalwa.
Ukuyifaka, kufuneka sivule i-terminal kwaye sichwetheze oku kulandelayo:
sudo apt-get install passwdqc