> > > > A properly-written bigcrypt() gives you different outputs for > > "passwordwithextraletters" and "passwordwithmoreletters", because > > regular crypt() only considers the first eight significant. > Yes it is compatible when strlen(passwd) <= 8, but not if > 8. > So, if we use bigcrypt "on our own" in pam_unix, it will not be > compatible with system's implementation (as I remember, that was > your statement that md5 should not be the default since it can > break compatibility -- and I agree completely). And now -- why > to introduce two incompatible algorythms (md5 and bigcrypt) when You do realize that "bigcrypt" is believed to be even more insecure than the traditional crypt(3), right? It's not similar to "md5" in this respect. > md5 is sufficient? Only one argument for bigcrypt that I know of > is a system that have it by default (Digital UNIX?). And this > makes sence. Well, there're a number of other systems that use it (some SCO, some HP-UX), but this is not a reason to continue supporting something as broken as this at the cost of code complexity of a _replacement_ for pam_unix. Those who need this kind of compatibility at the cost of security have the option to use the old pam_unix. Signed, Solar Designer
