-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 14.01.2011 13:18, schrieb Andreas Jaeger:
I wonder whether our IPv6 settings are the right ones after reading the following article (sorry, German only): http://www.heise.de/newsticker/meldung/IPv6-Smartphones-gefaehrden-Privatsph...
which references:
http://www.heise.de/netze/hotline/IPv6-anonym-1100727.html
We set use_tempaddr to 0 by default (disabling privacy extensions) and set it to 1 if enabled. The article advises to use 2.
Background: By default (value 0) my IPv6 address will be derived from my hardware (macaddr) and therefore be the same independend how I connect to the internet. So, it's easy to track my computer...
So, my proposal is to do the following two changes: * Use 2 instead of 1 in /etc/rc.d/boot.ipconfig for enabling the privacy extensions * Set IPV6_PRIVACY=yes in /etc/sysconfig/sysctl
Any concerns with this change?
Btw. here's an Ubuntu bugreport: https://bugs.launchpad.net/ubuntu/+source/procps/+bug/176125 and Windows (since XP) is doing it the same way on desktops.
Andreas
I upgraded from 11.4 to Factory recently and found that IPV6_PRIVACY=yes causes trouble with long lived connections over IPv6 like IRC, ssh and even some http, because it drops the source address after some time (in my case 5 mins - depending on radvd configuration). my radvd.conf from radvd-1.1 looks thus: interface br0 { AdvSendAdvert on; MaxRtrAdvInterval 15; prefix 2001:06f8:11fc:10::1/64 { AdvOnLink on; AdvAutonomous on; AdvRouterAddr on; AdvPreferredLifetime 120; AdvValidLifetime 300; }; }; increasing some livetimes would only reduce but not prevent this effect. Ciao Bernhard M. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5u6ngACgkQSTYLOx37oWTJEwCfZYDjlClZtH9VqwuyzpCUyJMM KN0AoK8LgWkLw1Yuphh7gKU4ARx1pMYc =HMuV -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org