Date: Thu, 19 Oct 2000 10:21:15 -0700 (PDT) From: Dima Dorfman <dima@unixfreak.org> To: Christian Holz <christian@fastlane.de> Cc: freebsd-questions@freebsd.org Subject: Re: DES and MD5 Message-ID: <20001019172115.5AB841F2A@static.unixfreak.org> In-Reply-To: <012301c039ea$a7494020$03c209c2@fastlanep2x7jl> "from Christian Holz at Oct 19, 2000 06:35:55 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
[ Charset ISO-8859-1 unsupported, converting... ] > Hi there! > > I've got a question concerning DES and MD5 encryption: > > I've installed my server using DES encryption. > Many of our customers are runnung a perl program which uses crypt() to > create the passwords for .htaccess files. > Since apache doesn't support DES encryptet passwords i'd like to > change to How did you come up with this? I'm not entirely sure, but I think Apache just uses crypt() like everybody else. I don't see a reason why it would want to roll its own. Also, some other operating systems only have support for DES (NetBSD, I think, is one), and Apache runs fine on them. > MD5 encryption or at least > force perl/frontpage to use MD5 (Crypt::PasswdMD5 should be doing this, but > instead returns DES encryptet passwords). > > I couldn't find any hint in the manual how to do it. There aren't many > accounts on the server, so i wouldn't mind to create all user > accounts again. > > The only thing I did was changing the links in /usr/lib/ for > libcrypt etc. Make sure the links are pointing to the MD5 libraries (libscrypt*). Note that if all of your passwords are DES, once you do that, nobody will be able to log in. You don't need to recreate the accounts, but you do need to reset the passwords (don't forget root, too!). Hope this helps -- Dima Dorfman <dima@unixfreak.org> Finger dima@unixfreak.org for my public PGP key. "Love is the triumph of imagination over intelligence." -- Henry Louis Mencken To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001019172115.5AB841F2A>