On Tue, Jun 08, 2021 at 03:18:10PM +0200, Björn 'besser82' Esser wrote:
Unfortunately there is no automatic way to update the hash from anything, but yescrypt, to yescrypt without knowing / entering the actual user password; in the future existing yescrypt hashes can be updated to new yescrypt hashes with stronger salts and/or cost parameters in-place without changing the password, and without user interaction. Has anyone some better idea?
I'd advise against this. People can use a system like Puppet to sync password hashes between systems (as a cheap alternative to LDAP). If they use older distros that don't support it, it'll end up flapping where one system sets it to the older hashing and one to the newer.
Or maybe I'm just the only person who does this. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
