On Thu, Sep 25, 2003 at 04:16:20PM -0600, Rennie deGraaf wrote: > Well, if all the applications that would need to authenticate use PAM, > someone could write a PAM module (or a patch on pam_unix) that checks if > the stored hash is a Blowfish hash (what's the code, $2?) and checks it > itself, and if not, passes it on to crypt(). That would take some > coding and a knowledge of Blowfish, but it's not as invasive as > installing a new libc. But it's also even more of a hack and less functional. > I've done something similar using Apache password hashes - expect to see > me post the code to this list within the next couple of weeks. There's no need: a pointer to one such module has been posted in this thread already, another (pam_crypt by Adam Slattery) has been discussed here a long time ago (so you should be able to locate it by searching list archives). -- Alexander _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
