Date: Sun, 19 Apr 1998 20:37:02 -0600 From: Wes Peters <softweyr@xmission.com> To: "Jordan K. Hubbard" <jkh@time.cdrom.com> Cc: Penisoara Adrian <ady@warpnet.ro>, freebsd-security@FreeBSD.ORG Subject: Re: Using MD5 insted of DES for passwd ecnryption Message-ID: <353AB4CD.81FEC9DB@xmission.com> References: <29805.893026136@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Jordan K. Hubbard wrote:
>
> > How can one control which kind of encryption is to be used by the
> > system for password encryption ? For example I want to use only MD5
>
> I've often wondered that myself and I'll be interested to hear the
> answer. :) I suspect the answer is, however, "you can't do that"
> and that we need some sort of /etc/passwd.conf (ducks :-).
I check the source in usr.bin/passwd/local_passwd.c, and it just calls
'crypt.' I guess you could make a crypt(3) routine that checks passwd.conf
and does the right thing; that would take care of all of the applications
because everyone calls crypt to make sure the password the user just types
matches the one stored in the database.
What do you do when passwd.conf specifies and encryption format you don't
have installed? Can FreeBSD programs fail gracefull to bind to a shared
library? I've never probed *that* deeply into shared libraries. :^)
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.softweyr.com/~softweyr wes@softweyr.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?353AB4CD.81FEC9DB>