3

I have program that needs OS installation fingerprint like one in MSW stored at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid In Microsoft Windows I have it ready for me but I cannot find equivalent for Linux. Is there anything close to this in Linux? I will not have root access so anything like dmidecode -s system-uuid becomes out of the question.

An example will be nice but no necessary.

jww
  • 97,681
  • 90
  • 411
  • 885
Stefano Mtangoo
  • 6,017
  • 6
  • 47
  • 93
  • For what purpose were you intending to use this? Most Unixy software just uses the hostname to identify a machine; is there a particular reason that might not work well for you? – BRPocock Sep 05 '13 at 15:39
  • Possible duplicate of [Getting a unique id from a unix-like system](https://stackoverflow.com/q/328936/608639). Also see Posix [`gethostid(3)`](http://man7.org/linux/man-pages/man3/gethostid.3.html) and [`machine-id (5)`](http://man7.org/linux/man-pages/man5/machine-id.5.html) man page. – jww May 28 '18 at 11:17

4 Answers4

4

One possibility would be to read /etc/ssh/ssh_host_{d,r}sa_key.pub, which are readable by all, and are randomly generated during installation.

Obviously the problem is that those files may not exist at all, if there is no SSH (server) installed. They are also often copied from an older installation.

Lauri Nurmi
  • 566
  • 1
  • 3
  • 14
  • I see but that is not reliable due to obvious reason unless there is a way to generate them if they do not exist. Forcing user to install them is not an option! – Stefano Mtangoo Sep 04 '13 at 22:13
2

I believe MAC addresses are not a good choice for identifying a machine. There are many USB dongles which may be plugged into a PC to provide a mobile/3G/H+/etc. network interface, so while such a dongle is plugged into the machine, it will have a different id derived from available network interface MAC addresses.

Is /etc/machine-id (/var/lib/dbus/machine-id) available on your target system?

see: http://man7.org/linux/man-pages/man5/machine-id.5.html

see: http://0pointer.de/blog/projects/ids.html

xorcus
  • 999
  • 1
  • 11
  • 12
1

The canonical Unix'y answer is the Host ID, but in practice, this often ends up falling back on a hash of the IP address…

   #include <unistd.h>

   long gethostid(void);
   int sethostid(long hostid);

DESCRIPTION
   gethostid()  and  sethostid()  respectively get or set a unique 32-bit identifier for
   the current machine.  The 32-bit identifier is intended to be unique among  all  UNIX
   systems  in  existence.   This  normally resembles the Internet address for the local
   machine, as returned by gethostbyname(3), and thus usually never needs to be set.

NOTES
   In the glibc implementation, the hostid is stored in the file /etc/hostid.  (In glibc
   versions before 2.2, the file /var/adm/hostid was used.)

   In  the glibc implementation, if gethostid() cannot open the file containing the host
   ID, then it obtains the hostname using gethostname(2), passes that hostname to  geth‐
   ostbyname_r(3)  in  order  to  obtain  the  host's  IPv4 address, and returns a value
   obtained by bit-twiddling the IPv4 address.  (This value may not be unique.)
BRPocock
  • 13,638
  • 3
  • 31
  • 50
  • how does it work in case of dynamic IP addressing. I mean in case computers are connected to DHCP server? Will it change each time if "cannot open the file containing the host ID" each time computer starts? – Stefano Mtangoo Sep 05 '13 at 05:53
  • Yes, it would pretty much have to, in a case like that. – BRPocock Sep 05 '13 at 15:38
1

I assume you're trying to do this because you want to "lock" the software to a specific piece of hardware?

One option is to use the MAC address of a network interface to identify the current machine. The MAC address is fairly easy to get at, see this Stackoverflow question.

This nicely works around issues with changing IPs etc as the MAC address of an interface is much less likely to change unless someone replaces the network card.

Community
  • 1
  • 1
Timo Geusch
  • 24,095
  • 5
  • 52
  • 70
  • I want to lock it to specific OS signature like what Windows Generates but tying it to hardware reliably will even be a better solution. – Stefano Mtangoo Sep 06 '13 at 15:04