Tomas Mraz wrote:
On Sun, 2006-12-03 at 22:03 +0100, Thomas M Steenholdt wrote:
Hi guys,
Is there a reason why fedora does not support blowfish (at least through
the various included tools, system-config-authentication etc.) for
password encryption?
From my understanding, Blowfish provides encryption far superior to
even MD5 and there should no license problems.
Even though MD5 might seem hard-enough-to-crack, why would we stop there?
Also, it seems like supporting blowfish would not be very hard to
implement in fedora, so why don't we?
(and the unavoidable:) Other linux distros have Blowfish encryption for
passwords ;-)
Thanks
We need support for blowfish directly in glibc or replace libcrypt from
glibc with libxcrypt first. Then all other packages can be updated to
support Blowfish.
See:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173002
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173834
Thanks - I've CC'ed myself on those bugs. Doesn't seem like there s much
activity on them, though?? Perhaps the actual activity is going on
elsewhere (cvs or such)?
Latest update for the respective bugs is january and may of this year?
/Thomas
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
