SixXS::Sunset 2017-06-06

Feature request: per-tunnel passwords for untrusted gateways
[de] Shadow Hawkins on Thursday, 26 March 2009 09:15:52
I am administering an IPv6 tunnel on a gateway that several people should have root access to. But in that case I would have to reveal my SixXS credentials in aiccu.conf, potentially compromising my whole SixXS infrastructure. This could be mitigated if you offered additional per-tunnel login passwords for the main handle or tunnel-specific accounts (<handle>-Txxxxx) that only authorize for minimal access to the tunnel-specific parameters required by aiccu. Best regards, Christiane
[ch] Jeroen Massar SixXS Staff on Saturday, 28 March 2009 01:21:35
And then people can take those tunnel parameters and use them somewhere else and abuse it from there. Adding tunnel-specific accounts won't overcome that issue unfortunately. If you don't trust the people who have access to the configuration file, then you should not trust them to use the tunnel either and you should not terminate a tunnel there.
[de] Shadow Hawkins on Sunday, 29 March 2009 04:31:10
IMHO it will overcome the issue of one tunnel compromised vs. all tunnels compromised. Trust in the admins or not, endpoints and thus tunnel account credentials will be compromised, and authorization separation is the easiest and most effective in depth security measure you could offer rather easily. Cheers, Christiane
[ch] Jeroen Massar SixXS Staff on Sunday, 29 March 2009 11:41:13
If you don't trust them, don't share. If your tunnel is compromised then it can be abused, which will result in your account being disabled. Thus, make sure that the people who have access to it are trusted, otherwise don't set up a tunnel to that host. See above link for other details.
[de] Shadow Hawkins on Monday, 30 March 2009 03:01:49
Setting up a tunnel for the company on a router that several people have access to is one thing. Of course I trust them, otherwise I wouldn't do it. But I have aiccu running on five systems now, and there's always the chance of one of them being cracked open and my SixXS credentials in aiccu.conf falling into the wrong hands. This has nothing to do with trust. What's the point of threatening the victims with account suspension due to abuse in such a case? And why do you feel that lecturing me is the right thing to do? I was just asking about a passive security measure that would mitigate the risks of such compromises, and my train of thought started when I was setting up that company router. Anyway, I interpret your answers as "not going to happen", and that is just fine with me. Best, Christiane
