From owner-freebsd-current Fri Jan 22 06:27:06 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA22282 for freebsd-current-outgoing; Fri, 22 Jan 1999 06:27:06 -0800 (PST) (envelope-from owner-freebsd-current@FreeBSD.ORG) Received: from axl.noc.iafrica.com (axl.noc.iafrica.com [196.31.1.175]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA22263 for ; Fri, 22 Jan 1999 06:26:50 -0800 (PST) (envelope-from sheldonh@axl.noc.iafrica.com) Received: from sheldonh (helo=axl.noc.iafrica.com) by axl.noc.iafrica.com with local-esmtp (Exim 2.10 #1) id 103hWW-000074-00 for current@freebsd.org; Fri, 22 Jan 1999 16:25:24 +0200 From: Sheldon Hearn To: current@FreeBSD.ORG Subject: WARNING: Today's current breaks passwords Date: Fri, 22 Jan 1999 16:25:24 +0200 Message-ID: <437.917015124@axl.noc.iafrica.com> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This may or may not affect you. Today's installworld broke passwords for me. By that, I mean that login, xdm, su and friends gave authentication failures on all passwords for all users that I tried. I suspect this has to do with a hashing algorithm that isn't backward compatible. I used Kerberos to get into the machine as root and change important passwords to exactly what they were before. This worked. The new encrypted passwords are happy. :) I don't want to cause hysteria, and I can't guarantee that my report is accurate. All the same, do yourself a favour on your next installworld: Make SURE you have an open root session somewhere. Do NOT hide it behind xlock, and do NOT use lock(1) to keep it safe. This will allow you to passwd(1) to create new encrypted passwords for your users. If you have shell accounts that need access to the box and you don't want to have to rehash all their passwords, hold off on installworld until someone calls me a liar, or a fix is committed. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message