On 01/20/2012 03:04 PM, Kevin Chadwick wrote:
On Fri, 20 Jan 2012 14:17:22 -0800
Don Juan wrote:
Not sure if I am getting what you mean here but to me sounds like you
did not complete what is in the wiki in regards to running blowfish,
since you need AUR package and what not and it says there is more to do
than change a single file to make blowfish the algo.
I know I didn't. Blowfish is stronger but I'm settled with sha512
rather than building a library and fixing any possible fallout in the
future.
Maybe I missed giving a piece of info. The default password is DES which
is really crap and starts with $1 so simply enabling blowfish
in /etc/default/passwd has enabled SHA512, you'd expect to uncomment
SHA512 not blowfish. It seems for sha512 you don't have to do as much as
the wiki suggests anymore.
Ahhh OK that makes more sense, at least to me. I just went through doing
everything in the wiki myself for the same reason I did not want to add
another AUR package just to get the feature/ability. I agree though that
DES should be changed at this point.
