From owner-freebsd-doc@FreeBSD.ORG Fri Mar 22 00:10:00 2013 Return-Path: Delivered-To: freebsd-doc@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 8BFDE29D for ; Fri, 22 Mar 2013 00:10:00 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 5ACF62D7 for ; Fri, 22 Mar 2013 00:10:00 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.6/8.14.6) with ESMTP id r2M0A09s009062 for ; Fri, 22 Mar 2013 00:10:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.6/8.14.6/Submit) id r2M0A0QI009061; Fri, 22 Mar 2013 00:10:00 GMT (envelope-from gnats) Resent-Date: Fri, 22 Mar 2013 00:10:00 GMT Resent-Message-Id: <201303220010.r2M0A0QI009061@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-doc@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Olivier Cochard-Labbe Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 05467149 for ; Fri, 22 Mar 2013 00:06:16 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id EA4832B1 for ; Fri, 22 Mar 2013 00:06:15 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.5/8.14.5) with ESMTP id r2M06E23089819 for ; Fri, 22 Mar 2013 00:06:14 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.5/8.14.5/Submit) id r2M06E44089818; Fri, 22 Mar 2013 00:06:14 GMT (envelope-from nobody) Message-Id: <201303220006.r2M06E44089818@red.freebsd.org> Date: Fri, 22 Mar 2013 00:06:14 GMT From: Olivier Cochard-Labbe To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Subject: docs/177215: FreeBSD uses SHA512 and no more MD5 for encrypting passwords X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Mar 2013 00:10:00 -0000 >Number: 177215 >Category: docs >Synopsis: FreeBSD uses SHA512 and no more MD5 for encrypting passwords >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Fri Mar 22 00:10:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Olivier Cochard-Labbe >Release: 9.1-RELEASE >Organization: BSD Router Project >Environment: FreeBSD laptop.bsdrp.net 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 root@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 >Description: FreeBSD 9.1 uses SHA512 and not MD5 for encrypting passwords. But chapter 15.4.1 "Recognizing Your Crypt Mechanism" still indicate MD5. >How-To-Repeat: >Fix: Applying the patch. Patch attached with submission follows: --- en_US.ISO8859-1/books/handbook/security/chapter.xml.orig 2013-03-22 00:57:02.000000000 +0100 +++ en_US.ISO8859-1/books/handbook/security/chapter.xml 2013-03-22 00:59:23.000000000 +0100 @@ -1084,7 +1084,7 @@ Recognizing Your Crypt Mechanism Currently the library supports DES, MD5, Blowfish, SHA256, - and SHA512 hash functions. By default &os; uses MD5 to + and SHA512 hash functions. By default &os; uses SHA512 to encrypt passwords. It is pretty easy to identify which encryption method &os; >Release-Note: >Audit-Trail: >Unformatted: