[PATCH] stop using pwgen

Jason A. Donenfeld Jason at zx2c4.com
Sun Dec 18 17:48:01 CET 2016


Hi Brian,

Thanks for your feedback.

On Sun, Dec 18, 2016 at 5:29 PM, Brian Candler <b.candler at pobox.com> wrote:
> Well firstly, it doesn't even work under OSX. I tried this:
> ./badpass.sh: line 4: read: -N: invalid option
> tr: Illegal byte sequence
> read -r -n $length pass < <(LC_ALL=C tr -dc "$characters" < /dev/urandom)
> And now it works:

Thanks! Fixed. Good catch and good solution.

> But more seriously, there is the risk that this will consume a pipe-buffer
> (4KB? 8KB?) of entropy, only to discard most of it. That's extremely
> wasteful.

Reading from /dev/urandom has no affect on
/proc/sys/kernel/random/entropy_avail on Linux. Does it have affect on
any other platforms?

> Furthermore, despite consuming so much entropy, it doesn't even guarantee
> that every password generated has at least one upper-case, lower-case, digit
> and symbol - i.e. the password may still be rejected by many websites!

I don't think this is a problem in practice. The way most pass users
operate is if they can get away with it, they use the default generate
that includes some symbols. If they can't, they fall back to
--no-symbols. If a site has some bizarre requirements, they just tweak
whatever the high-entropy output from generate was with some addition
of required characters.

> I think we need a pluggable password generator, so at least we don't have to
> argue and people can use whatever generator they prefer. And as for a
> default, well pwgen is (in my opinion) better than the one in that patch.

Next release of pass will be generally pluggable, so I'll consider this.

Jason


More information about the Password-Store mailing list