On Thu, Sep 25, 2003 at 04:16:20PM -0600, Rennie deGraaf wrote: [...] > Well, if all the applications that would need to authenticate use PAM, > someone could write a PAM module (or a patch on pam_unix) that checks if > the stored hash is a Blowfish hash (what's the code, $2?) and checks it > itself, and if not, passes it on to crypt(). That would take some > coding and a knowledge of Blowfish, but it's not as invasive as > installing a new libc. However it's insufficient for more generic solutions like GNU/*/Linux distribution, where crypt(3) should support Blowfish hashes. -- ldv
Attachment:
pgp00109.pgp
Description: PGP signature
