From owner-freebsd-questions Thu Jul 27 12:47:13 2000 Delivered-To: freebsd-questions@freebsd.org Received: from alpha.root-servers.ch (alpha.root-servers.ch [195.49.62.125]) by hub.freebsd.org (Postfix) with SMTP id 451E837B69C for ; Thu, 27 Jul 2000 12:47:07 -0700 (PDT) (envelope-from gabriel_ambuehl@buz.ch) Received: (qmail 25894 invoked from network); 27 Jul 2000 19:47:05 -0000 Received: from client98-229.hispeed.ch (HELO 10.2.2.100) (62.2.98.229) by ns1.root-servers.ch with SMTP; 27 Jul 2000 19:47:05 -0000 Date: Thu, 27 Jul 2000 21:48:27 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.45 Beta/6) Personal Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <141618390087.20000727214827@buz.ch> To: Thomas Bader Cc: freebsd-questions@FreeBSD.org Subject: Re[2]: Migrating from Linux to FreeBSD... In-reply-To: <20000727212605.A341@trash.net> References: <99614395654.20000727204153@buz.ch> <20000727212605.A341@trash.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello Thomas, Thursday, July 27, 2000, 9:26:05 PM, you wrote: > If I'm right, FreeBSD uses MD5 to encrypt the passwords in > master.passwd. But under Linux, the passwords are just > crypted using crypt() (provided by libcrypt) in /etc/shadow. Ouch. No way to get FreeBSD to recognize the DES passwords and change them to MD5 as the user logs in first after the migration? Or just use DES ones? > You may set a new password to the non priviledged users. > They can change it to whatever they like (and to whatever's > quiet secure). Impossible as the users don't have shell access. In fact, we only use those accounts for FTP, quotas and some accounting stuff. Will have to think a bit about how I could sell a password change to the users ("Improved security, now 16 char passwds"?)... Though for many accounts, there should be PGPed and thus recoverable versions of the passwords but for some they'll surely lack (one might argue if this is secure but...) I think I'll have to go that path in future anyway as it's the only chance to migrate between systems with different password encryption algorythms without assigning new passwords which would most likely kill our support staff ;-). > You should rebuild them, I think. It's better to do so. > But remember, you need to compile your own kernel to use > quotas. Well, that one would work. Would make some work but it should work. Best regards, Gabriel To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message