>

> I can confirm, that we (SAP) do not have such a tool.

Thanks for confirming! Sigh of relief here

>

> 4. The hashing algorithm. This is built in every SAP kernel because this is also needed to verify a password during logon and to set a password.

No, we can only encrypt, not decrypt with the hash algorithm used.

b.rgds, Bernhard

Hie Sietze (I suppose that this is your first name - sorry if not),

>

> Of course, SM59 will need to store passwords with a reversible algorithm. Otherwise, it would not be able to furnish the password to the "other" server. 

we compare only the hash values during log on. So using sm59 there is no decryption for passing the password to the remote system. I don't know, where you have found the decryption coding....

b.rgds, Bernhard

For an un-trusted RFC, the user is a background user (no dialog logon), so the password authentication seems to be taken care by the comparision of hash values (as suggested by Bernhard)..

For that matter, for a trusted RFC, where a dialog user becomes an RFC service user, it seems there isn't any password verification. Because the source system doesnot mantain any password in SM59 and the password in the destination can always be different from what the user is having in source system. At most the system would be checking if the user is locked/unlocked/validity period apart from the necessary auth objects S_RFC and S_RFCACL.

Correct me if I am wrong!

Thanks!!

> we either need to

> 1) chg the ALEREMOTE password and update all the corresponding SM59's in all the different systems

> 2) somehow figure out what the current password is, so we "know" what it is and can then create a new Source system connection in RSA1 and feed it the ALEREMOTE password

>

> sounds like there is no way for us to use the latter option sadly...

1) will be your best short-term option. Please do investigate the option of 'trusted rfc' to rid your system of ale passwords completely. The problem you're facing should be a good motivation.

Jurjen

> The Trusted RFC is a valid and popular solution, but you have to be very carefull in how you set it up.

> Worste case everyone can logon as anybody else and per default you loose a layer of application security.... (except for DDIC and SAP*).

In detail: The RFC-user must have the object S_RFC_ACL with proper values in his profile on the trusting side. Luckily this is one of the objects never included in SAP_ALL.

So if you connect from system A to system B you need to have an account with identical naming on either side and must have this object in the profile on system B. Trusted RFC's can both be set up with fixed userid's and 'logon user' or 'current user' (no system in reach at the moment, don't know the exact wording). The actual rights of the rfc user on system B determine what can be done there.

The risk Julius mentiones is a bit like putting op a sticky note with the password beacuse you do not want to lose it again..... just giving everyone a 'starred-out' S_RFC_ACL on all systems and trust they do not know how to use an rfc connection.....

Jurjen

>

> In detail: The RFC-user must have the object S_RFC_ACL with proper values in his profile on the trusting side. Luckily this is one of the objects never included in SAP_ALL.

Hi Jurjen,

just a little comment on this....

==>don't rely on that .....

Have a look at SAP note #410424 -->ADD_S_RFCACL.... I always set the switch to 'YES' to avoid problems for my sap_all users...

b.rgds, Bernhard

>

> I always set the switch to 'YES' to avoid problems for my sap_all users... 

Okay, I forgot the words "by default"

I never change this switch but prefer to tell the SAP_ALL users they might run in to the occasional boundary and that it's also for their safety.

Doesn't really matter because it only changes their request from "give me SAP_ALL and SAP_NEW" to "make sure I can do everything". The following discussions are all too familiar......

Nice topic!

Last night I started thinking about this discussion, and two questions striked me. I am putting them on this forum first thing in the office:)

(1) Which table contains the hash value of the password which is mentioned in sm59-untrusted RFC?

(2)Although manual update of SAP standard tables is a bad practice. What if somebody copies the hash value of password from usr02 of destination system and updates that table (containing sm59 password) in the source system?

I would love to know what have a I overlooked!!:)

Hi Julius,

Thanks for clarifying!

>

> Of course, SAP has such a tool.
> ...
> So, strictly spoken, SAP did not tie everything together. But a decent programmer at SAP has such a tool written inside a week.

Sorry, but I'm supposed to know it better ...

Even if you have access to the source code (as I certainly do) you will not be able to invert the hash function used to calculate the password hash value. All you could do is to perform a brute-force or dictionary attack.

Well, we ourselves had this situation once before - where it did effect us (migrating [Pandesic |http://en.wikipedia.org/wiki/Pandesic]customers to ABAP systems). The answer was: no, it's not possible (All what would be possible is to intercept a validated password (as cleartext data) and then perform the migration, creating a new ABAP account with that password - provided the password complies with the ABAP password rules).

>

> Hi Wolfgang,
> 
> I am not saying that access to the source is enough to develop a function that reverses the hashing of the password. The only thing that I am saying that access to the one way function will allow you to build a tool that tries out all candidate passwords in order to find the real password.

Yes, that's called "Brute Force" (or "Dictionary Attack" if you focus on frequently used weak passwords).

That's always possible - the only countermeasure is to slown-down such trial approaches (e.g. by iterated hash calculation). In addition, salted hash algorithms should be used (to prevent pre-calculation, keyword: "rainbow table").

Please take a look on [SAP Note 1237762|https://service.sap.com/sap/support/notes/1237762], as well.

>

> Regarding SM59 I will need to dig a little bit more. The way you guys are describing it; it just feels very insecure.

Passwords which you have entered in SM59 (Destinations) are not stored as hash values but encrypted. As of NetWeaver 7.0 the so-called "Secure Store" (ABAP Transaction SECSTORE) is used (3DES encryption). In older releases a proprietary algorithm is used to encrypt the password.

Hi Wolfgang,

is SAP planning to introduce Bcrypt as a replacement for traditional hash functions such as SHA-1? Advantage is that it's slow because of introducing work factor. Not like generic hashing functions that are optimized for speed.

I just realized that I replied to 4 years old answer. My question is still relevant but not sure why this thread got updated.

Cheers

Edited by: Martin Voros on Feb 8, 2012 10:06 PM

As documented in [SAP Note 991968|https://service.sap.com/sap/support/notes/991968] there's a new generic password hash algorithm approach (available for all ABAP systems as of 7.02; see also [SAP Note 1458262|https://service.sap.com/sap/support/notes/1458262] on "recommended settings for password hash algorithms" for older systems).

The generic password hash algorithm is currently supporting (iterated) random-salted SHA-1 hashes.

If requested, other hash algorithms could be supported, as well. [Bcrypt|http://en.wikipedia.org/wiki/Bcrypt] (Blowfish) is currently not amongst the supported algorithms; legal aspects would need to be clarified before implementing Blowfish. On relatively short notice, SHA-256 could be offered, though.

Slow calculation might not be a disadvantage - actually SHA-1 is too fast, thus the hash calculation is iterated (preserving the password entropy) as countermeasure against brute-force / dictionary attacks.

The number of iterations, the size of the random part (bits) and the hash algorithm name can be configured for the generic password hash algorithm. Actually, increasing the iteration count and the random size is more effective than choosing a different hash algorithm. But as written above: if (for whatever reason) one feels more comfortable with a distinctive algorithm, he should submit a feature request. We'll check the feasibility to fulfill the request.