Upgrading password hashes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I know arch tries to keep to upstream but their seems some
discrepencies that you may or may not be aware of so thought I'd share.

The crypt man page says glibc may not support blowfish (stronger than
nists recommendation) and that seems true when used via the commandline
(very short output).

The arch wiki says you can use a library from AUR.

There is also a sha512 arch wiki which says you should edit
pamd.d/passwd from md5 to sha512 but the default seems to already be
sha512, maybe it tries both as some distros default is now sha512 so no
need anymore.

It seems if you simply edit /etc/default/passwd to blowfish and reset
your password, sha512 is used e.g. encrypted password beginning with $6
in /etc/shadow not $2 (blowfish) and logins work fine.

I guess the /etc/default/passwd config file may be futurised or the
config written before changing to SHA which was easier to
implement and the wiki is out of date with the code??

-- 
Kc


[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux