On Fri, Apr 17, 2009 at 9:48 PM, Martin <inkubus@xxxxxxxxxxxxxxxx> wrote: > On Fri, 2009-04-17 at 12:00 -0400, pam-list-request@xxxxxxxxxx wrote: > >> -------- Forwarded Message -------- >> From: Sudarshan Soma <sudarshan12s@xxxxxxxxx> >> Reply-To: Pluggable Authentication Modules <pam-list@xxxxxxxxxx> >> To: Pluggable Authentication Modules <pam-list@xxxxxxxxxx> >> Subject: crypt function mode >> Date: Fri, 17 Apr 2009 20:36:07 +0530 >> >> Hi All, >> Can anyone please let me know what block ciphers mode( Electronic >> Codebook Mode (ECB) , Cipher Blockchaining Mode (CBC),..) >> does the crypt function used in pam_unix use. > It doesn't. These are for symmetric encryption, the crypt function uses > them as a one way hash (that why the later versions use MD5). > [Pavan] Thanks Martin. I was bit confused when it says that crypt uses modified form of DES algorithm (http://en.wikipedia.org/wiki/Crypt_(Unix)#Modifications_of_the_traditional_scheme). So these cipher modes are not applicable for storing/verifying passwords using crypt. My requirement is to make passwds more secure. I think enabling shadow passwds(using pwconv) and MD5 hashes (etc/sysconfig/authconfig) would be enough as the first step. >> Please suggest me any pointers , if this is more of the crypt function >> question. > You might try reading the code; it's about as good a description as any. > > Cheers, > - Martin > > > _______________________________________________ > Pam-list mailing list > Pam-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/pam-list > _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
