Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 9 changed files with 1,205 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
*~ | ||
passwordcheck | ||
passwordcheck.exe |
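
Review bot: the ignore list covers the built binaries (`passwordcheck`, `passwordcheck.exe`) and editor backups but not goreleaser's output directory. The release notes in this commit run `goreleaser --rm-dist`, which builds into `dist/` by default, so add a `dist/` entry to keep release artifacts out of `git status` and out of accidental commits.
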
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
# This is an example goreleaser.yaml file with some sane defaults. | ||
# Make sure to check the documentation at http://goreleaser.com | ||
before: | ||
hooks: | ||
# You may remove this if you don't use go modules. | ||
- go mod download | ||
# you may remove this if you don't need go generate | ||
- go generate ./... | ||
builds: | ||
- env: | ||
- CGO_ENABLED=0 | ||
goos: | ||
- linux | ||
- windows | ||
- darwin | ||
- freebsd | ||
- netbsd | ||
- openbsd | ||
goarch: | ||
- amd64 | ||
- 386 | ||
- arm | ||
- arm64 | ||
archives: | ||
- | ||
format: zip | ||
replacements: | ||
darwin: macOS | ||
files: | ||
- README.md | ||
- COPYING | ||
checksum: | ||
name_template: 'checksums.txt' | ||
snapshot: | ||
name_template: "{{ .Tag }}-beta" | ||
changelog: | ||
sort: asc | ||
filters: | ||
exclude: | ||
- '^docs:' | ||
- '^test:' |
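
Review bot: the `checksum:` section publishes `checksums.txt`, but nothing in this config signs it, so someone who downloads a zip can detect corruption but not a replaced release asset. For a tool that users run against a file holding their credentials, consider adding a goreleaser `signs:` section so that `checksums.txt` ships with a detached signature, and have the README tell users to verify it before running the binary. A smaller point on the header comment: it links to `http://goreleaser.com` where the `https://` form should be used, and the `go generate ./...` hook can go if the repository has no generate directives, as its own comment says.
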
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
Copyright (C) 2020 by Nick Craig-Wood http://www.craig-wood.com/nick/ | ||
|
||
Permission is hereby granted, free of charge, to any person obtaining a copy | ||
of this software and associated documentation files (the "Software"), to deal | ||
in the Software without restriction, including without limitation the rights | ||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
copies of the Software, and to permit persons to whom the Software is | ||
furnished to do so, subject to the following conditions: | ||
|
||
The above copyright notice and this permission notice shall be included in | ||
all copies or substantial portions of the Software. | ||
|
||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
THE SOFTWARE. | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
# passwordcheck for rclone config files | ||
|
||
In https://github.com/rclone/rclone/issues/4783 a security issue was | ||
found which meant that passwords generated by "rclone config" might be | ||
insecure. | ||
|
||
This program checks your rclone config file for any of those | ||
passwords. | ||
|
||
## Installation | ||
|
||
Download the relevant zip file for your OS and architecture from here: | ||
|
||
- https://github.com/rclone/passwordcheck/releases | ||
|
||
Unpack the zip archive - use `unzip archive.zip` on Linux/macOS - use | ||
Explorer on Windows. | ||
|
||
Open a terminal and change directory to the place you unpacked the zip | ||
file. | ||
|
||
First find where your rclone config file is. | ||
|
||
``` | ||
rclone config file | ||
Configuration file is stored at: | ||
/home/USER/.rclone.conf | ||
``` | ||
|
||
Now run the utility with this as an argument | ||
|
||
``` | ||
./passwordcheck /home/USER/.rclone.conf | ||
``` | ||
|
||
Note that it may take 10 minutes or more to run. At the end it will | ||
print a report showing any insecure passwords found. | ||
|
||
For example: | ||
|
||
``` | ||
$ ./passwordcheck ~/.rclone.conf | ||
2020/11/19 14:01:49 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 3 passwords of length 64 bits | ||
2020/11/19 14:03:38 FOUND match for remote test-remote-1: obscured password "fJKeinHaUgkd_4pO0J70tUMUkvoxoPES5p7-" at seed 1605788442 generated at 2020-11-19 12:20:42 | ||
2020/11/19 14:03:38 That took 1m48.992723504s for 358769.904475 seeds/s | ||
2020/11/19 14:03:38 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 1 passwords of length 80 bits | ||
2020/11/19 14:05:26 That took 1m48.506673926s for 360376.994199 seeds/s | ||
2020/11/19 14:05:26 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 3 passwords of length 88 bits | ||
2020/11/19 14:07:15 That took 1m48.705563639s for 359717.641775 seeds/s | ||
2020/11/19 14:07:15 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 5 passwords of length 96 bits | ||
2020/11/19 14:09:04 That took 1m48.960218306s for 358876.933324 seeds/s | ||
2020/11/19 14:09:04 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 3 passwords of length 104 bits | ||
2020/11/19 14:10:52 That took 1m48.214117167s for 361351.273047 seeds/s | ||
2020/11/19 14:10:52 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 5 passwords of length 112 bits | ||
2020/11/19 14:12:40 That took 1m48.342694733s for 360922.433177 seeds/s | ||
2020/11/19 14:12:40 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 21 passwords of length 128 bits | ||
2020/11/19 14:14:31 FOUND match for remote test-remote-2: obscured password "r-zxEh10ufF9r48najyPn9UrmECuMhWTkIsEubDKtZ3fehFHMwY" at seed 1605793125 generated at 2020-11-19 13:38:45 | ||
2020/11/19 14:14:31 FOUND match for remote test-remote-3: obscured password "px0py_poF8Jzis0rxNGf2OvtVZPnmwUruqI1o3trhE1I8fcR3To" at seed 1605793170 generated at 2020-11-19 13:39:30 | ||
2020/11/19 14:14:31 That took 1m50.446349362s for 354047.999104 seeds/s | ||
2020/11/19 14:14:31 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 1 passwords of length 144 bits | ||
2020/11/19 14:16:19 That took 1m47.826663577s for 362649.716710 seeds/s | ||
2020/11/19 14:16:19 Looking through 39103309 seeds from seed 1566691200 generated at 2019-08-25 01:00:00 to seed 1605794509 generated at 2020-11-19 14:01:49 for 12 passwords of length 1024 bits | ||
2020/11/19 14:18:10 That took 1m51.525192167s for 350623.103536 seeds/s | ||
*** 3 Insecure passwords found | ||
remote test-remote-1: "fJKeinHaUgkd_4pO0J70tUMUkvoxoPES5p7-" | ||
remote test-remote-2: "r-zxEh10ufF9r48najyPn9UrmECuMhWTkIsEubDKtZ3fehFHMwY" | ||
remote test-remote-3: "px0py_poF8Jzis0rxNGf2OvtVZPnmwUruqI1o3trhE1I8fcR3To" | ||
``` | ||
|
||
**NB** don't make public any of the obscured passwords that rclone | ||
prints - these can easily be reversed into the actual password. The | ||
ones show here are for demonstration purposes. | ||
|
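
Review bot: the README stops at the `*** 3 Insecure passwords found` report and never says what to do about a match. Add a short section after the example stating that the password for each listed remote has to be replaced, and where that is done, so the report leads to an action rather than just a list. Also, the run steps (`rclone config file`, `./passwordcheck /home/USER/.rclone.conf`) sit under `## Installation` and would read better under their own usage heading, and "The ones show here" in the closing **NB** should be "The ones shown here".
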
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Making a release # | ||
|
||
Compile and test | ||
|
||
Then run | ||
|
||
goreleaser --rm-dist --snapshot | ||
|
||
To test the build | ||
|
||
When happy, tag the release | ||
|
||
git tag -s -m "Release v1.0.XX" v1.0.XX | ||
|
||
Push to GitHub | ||
|
||
git push --follow-tags origin | ||
|
||
Then do a release build (set GITHUB token first) | ||
|
||
goreleaser --rm-dist |
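
Review bot: the final step says "set GITHUB token first" without naming the variable. goreleaser reads the token from the `GITHUB_TOKEN` environment variable, so spell that out, and say that it should be exported only for the release command rather than kept in a shell profile. Separately, "To test the build" is left dangling after the snapshot command; fold it into the preceding line ("Then run ... to test the build"), and give the actual commands for "Compile and test" so the procedure can be followed without guessing.
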
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
module github.com/rclone/passwordcheck | ||
|
||
go 1.15 | ||
|
||
require ( | ||
github.com/rclone/rclone v1.53.2 | ||
github.com/stretchr/testify v1.6.1 | ||
) |
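
Review bot: the `require` on `github.com/rclone/rclone v1.53.2` carries no comment explaining why that exact version is chosen. The README says this tool looks for passwords produced by an affected `rclone config`, so state in a comment whether the checker depends on this version's behaviour or only on helper packages from rclone; that makes a later version bump a deliberate decision rather than a routine dependency update. If `github.com/stretchr/testify v1.6.1` is used only from `_test.go` files, say so as well, so readers know it is not part of the shipped binary.
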