Date: Sun, 23 Apr 2000 20:14:58 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Jarrod <jarrod@lost.net.au> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: CRYPO dist installed outside US Message-ID: <Pine.BSF.4.21.0004232010480.73288-100000@freefall.freebsd.org> In-Reply-To: <Pine.LNX.4.10.10004241226410.5254-100000@marbles.lost.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 24 Apr 2000, Jarrod wrote:
> Short of reinstalling the system and adding the accounts again, how can I
> remove the crypo dist which shouldn't on there and bring the system back
> to the same passwd format our other FreeBSD (3.4-STABLE though) servers
> are using. Or is a full reinstallation required?
All you need to do is point the /usr/lib/libcrypt.* symlinks at
/usr/lib/libscrypt.* instead of /usr/lib/libdescrypt.* where they are now.
i.e. boot single-user, remove the symlinks, and recreate them with ln -s
Then reset any passwords which were created in DES format using 'passwd'.
Now your system will be MD5 ("$1$....") only again.
> Are there any penalties or legal issues using crypto in Australia? I'm
> not quite sure of why its a big deal during installation.
You're quite allowed to use it :) In fact it's a good thing to install the
crypto dist: you now have SSH support almost out of the box [*]. The only
downsides are:
1) DES passwords get automatically selected, and DES passwords suck
(relatively speaking)
2) You're using the semi-crippled US version of OpenSSL, instead of the
better international version. See [*]
[*] See http://www.freebsd.org/handbook/openssl.html
Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0004232010480.73288-100000>