deprecated key derivation used by amcrypt-ossl
Amanda Network Backup
Brought to you by:
amandatrusted
Menu
▾
▴
#112 deprecated key derivation used by amcrypt-ossl
open
nobody
None
2022-05-05
2019-09-01
Anonymous
No
Originally created by: MEitelwein
With last versions of openssl the warning message
? data encrypt: *** WARNING : deprecated key derivation used.
? data encrypt: Using -iter or -pbkdf2 would be better.
is being produced by amcrypt-ossl.
It can be corrected by adding -pbkdf2 to the amcrypt-ossl calls to openssl:
if [ "$1" = -d ]; then
# decrypt
"${OPENSSL}" enc -pbkdf2 -d "-${CIPHER}" -nopad -salt -pass fd:3 3< "${PASSPHRASE}"
else
# encrypt
pad | "${OPENSSL}" enc -pbkdf2 -e "-${CIPHER}" -nopad -salt -pass fd:3 3< "${PASSPHRASE}"
fi
Originally posted by: stefangweichinger
Still not fixed upstream.
I hit this again as some manually patched Debian servers reinstalled the old unpatched scripts when upgrading to Debian Buster 10.4
bump
edit: we need to be careful here, in my tests I noticed problems at the restore.
Originally posted by: tacerus
Any update on this? Encountering this in Amanda version 3.5.1.
Originally posted by: stefangweichinger
one year gone, still no reply from the responsible maintainers
Originally posted by: tacerus
I have since stopped using Amanda and moved to Restic. But Amanda stays in a special place in my heart. :)
Originally posted by: djmitche
Who are the "responsible maintainers"?
Originally posted by: Hawk777
I don’t know who specifically, but I would assume anyone with commit access to this repo counts.
Originally posted by: dirkx
Had the same issue; and as of 1/1/2022 it is now important to be sogis.eu compliant (EU version of a lot of the NIST federal processing regulation) - filed https://github.com/zmanda/amanda/pull/165
Originally posted by: stefangweichinger
Still patching manually on backup servers :-(
Originally posted by: stefangweichinger
Still facing these issues. Applied that patch on a debian 11.3 machine, running amdump gives me a "FAIL" run with:
Anyone else seeing this, any better workaround?
Originally posted by: exuvo
I have replaced my encryption needs with:
pbkdf2 to fix the deprecated key derivation, aes-256-ctr for better and faster encryption (ctr can be parallelized). Also padding is not needed with this encryption method.
Originally posted by: stefangweichinger
great. Let me add this one for completeness: the file defined in $RANDFILE has to be created and seeded like in:
Could that maybe even be done by the wrapper script itself?
Originally posted by: exuvo
Ah yes mine was probably already created long ago when i set up encryption.
From what i have read the random file is not really needed on most systems as it is only there to help with low entropy systems (ie server that does nothing most of the time).
Each time openssl runs it uses that file (if specified) for random seeds and at command end it replaces the file with 256 new bytes of randomness for the next invocation.
It is not needed for decryption.
Originally posted by: stefangweichinger
@exuvo thanks for the explanation. Correct, I see it replaced already. So it would make even more sense to add some block to the wrapper like "if not exists file $RANDFILE, dd some random bytes into it". This would help the initial configuration/setup (which I tend to put into some HOWTO somewhere).
Originally posted by: exuvo
This should do it:
Originally posted by: stefangweichinger
Yep, looks ok. Will test, thanks.
Originally posted by: stefangweichinger
A whitespace before the closing bracket was missing, tiny correction:
Edit: unfortunately I see "missing size line from sendbackup" in the amanda reports.
My quick tests show that this is with DLEs using
amsambaplus the encryption.The simpler tar-based DLEs seem to work fine.