From owner-freebsd-security Fri Feb 14 03:14:47 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id DAA26914 for security-outgoing; Fri, 14 Feb 1997 03:14:47 -0800 (PST) Received: from gadget.nla.gov.au (gadget.nla.gov.au [203.4.201.52]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id DAA26907 for ; Fri, 14 Feb 1997 03:14:44 -0800 (PST) Received: from localhost (cmakin@localhost) by gadget.nla.gov.au (8.8.4/8.8.4) with SMTP id WAA28875 for ; Fri, 14 Feb 1997 22:14:38 +1100 (EST) X-Authentication-Warning: gadget.nla.gov.au: cmakin owned process doing -bs Date: Fri, 14 Feb 1997 22:14:38 +1100 (EST) From: Carl Makin To: security@freebsd.org Subject: Re: blowfish passwords in FreeBSD In-Reply-To: <199702140913.KAA25549@bsd.lss.cp.philips.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Fri, 14 Feb 1997, Guido van Rooij wrote: > Warner Losh wrote: > > OpenBSD just committed a new encryption method using blowfish. This > > has a much larger salt space as well as a much harder to break > Further, I think we should not adapt to every new password scheme around. Along this topic, has anyone looked at Sunsoft's "PAM" (Pluggable Authentication Modules). RedHat Linux 4.1 has an implementation. PAM looks like it has the possibility of supporting these schemes reasonably cheaply. Carl. -- Carl Makin (VK1KCM) C.Makin@nla.gov.au 'Work +61 6 262 1576' "Speaking for myself only!" 'If you want to make your spouse pay attention to what you say... Talk in your sleep!'