From owner-freebsd-current  Sun Feb 25 00:07:51 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id AAA18989
          for current-outgoing; Sun, 25 Feb 1996 00:07:51 -0800 (PST)
Received: from grumble.grondar.za (root@grumble.grondar.za [196.7.18.130])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id AAA18982
          for <current@FreeBSD.org>; Sun, 25 Feb 1996 00:07:45 -0800 (PST)
Received: from grumble.grondar.za (mark@localhost [127.0.0.1]) by grumble.grondar.za (8.7.3/8.7.3) with ESMTP id KAA20978; Sun, 25 Feb 1996 10:07:22 +0200 (SAT)
Message-Id: <199602250807.KAA20978@grumble.grondar.za>
To: Nate Williams <nate@sri.MT.net>
cc: current@FreeBSD.org
Subject: Re: New Dual-personality crypt 
Date: Sun, 25 Feb 1996 10:07:22 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-current@FreeBSD.org
Precedence: bulk

Nate Williams wrote:
> How can I force my passwords to be the old DES crypt function on a box
> that previously used MD5 crypt?  There are only two accounts on it (mine
> and root), but I'd like it to use DES like all of the other machines in
> the group.

This was a design point that I could not quite decide on. I decided
to go the route-of-least-change and keep the encryption algorithm that
was used to make the entry in the first place.

> Even after I've re-run passwd after installing the new libraries and
> binaries, it's still generating MD5 passwords instead of DES passwords.

I have been slowly getting round to putting a option in passwd(1)
to allow the user to select the encryption algorithm, but I am not
too sure how to deal with the case of the system without DES. I'm
sure I can come up with something.

> How do I force it to generate old-style DES passwords in spite of what
> the old passwords were, short of removing the password completely and
> then re-generating passwords?  Shouldn't the new routine 'generate'
> passwords using the default routines, but read passwords from both?

See above. I'd greatly appreciate some input on this. I'm kinda
prepared to go either way once I have some sort of idea what the
group would prefer. In the meanwhile, it is unfortunately only
possible to force DES by removing the old MD5 password.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key