Date: Fri, 22 Mar 2013 00:06:14 GMT From: Olivier Cochard-Labbe <olivier@cochard.me> To: freebsd-gnats-submit@FreeBSD.org Subject: docs/177215: FreeBSD uses SHA512 and no more MD5 for encrypting passwords Message-ID: <201303220006.r2M06E44089818@red.freebsd.org> Resent-Message-ID: <201303220010.r2M0A0QI009061@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 177215
>Category: docs
>Synopsis: FreeBSD uses SHA512 and no more MD5 for encrypting passwords
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 22 00:10:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Olivier Cochard-Labbe
>Release: 9.1-RELEASE
>Organization:
BSD Router Project
>Environment:
FreeBSD laptop.bsdrp.net 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 root@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
FreeBSD 9.1 uses SHA512 and not MD5 for encrypting passwords.
But chapter 15.4.1 "Recognizing Your Crypt Mechanism" still indicate MD5.
>How-To-Repeat:
>Fix:
Applying the patch.
Patch attached with submission follows:
--- en_US.ISO8859-1/books/handbook/security/chapter.xml.orig 2013-03-22 00:57:02.000000000 +0100
+++ en_US.ISO8859-1/books/handbook/security/chapter.xml 2013-03-22 00:59:23.000000000 +0100
@@ -1084,7 +1084,7 @@
<title>Recognizing Your Crypt Mechanism</title>
<para>Currently the library supports DES, MD5, Blowfish, SHA256,
- and SHA512 hash functions. By default &os; uses MD5 to
+ and SHA512 hash functions. By default &os; uses SHA512 to
encrypt passwords.</para>
<para>It is pretty easy to identify which encryption method &os;
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201303220006.r2M06E44089818>