From owner-freebsd-questions Thu Aug 31 12:34:41 2000 Delivered-To: freebsd-questions@freebsd.org Received: from static.unixfreak.org (static.unixfreak.org [63.198.170.139]) by hub.freebsd.org (Postfix) with ESMTP id 3E4DB37B43E for ; Thu, 31 Aug 2000 12:34:32 -0700 (PDT) Received: by static.unixfreak.org (Postfix, from userid 1000) id 81D0D1F17; Thu, 31 Aug 2000 12:34:31 -0700 (PDT) Subject: Re: MD5 VS. DES In-Reply-To: <39b1a443.55633940@mail.afnetinc.com> from Elliot Finley at "Aug 31, 2000 06:33:07 pm" To: efinley@efinley.com Date: Thu, 31 Aug 2000 12:34:31 -0700 (PDT) Cc: freebsd-questions@FreeBSD.org From: Dima Dorfman Reply-To: dima@unixfreak.org X-Mailer: ELM [version 2.4ME+ PL61 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <20000831193431.81D0D1F17@static.unixfreak.org> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Hello, > I was just looking at my password file, and I have one user that > has an encrypted password that is very long and starts with $1$ which > I'm guessing is MD5? All the other users have shorter encrypted > passwords, and they _don't_ start with $1$ which I'm guess is DES? This is correct. > > All users can login just fine. If the different users are in > fact using two different encryption schemes, then how is this > working? The DES libraries can read MD5 hashes. I'm guessing that the users with MD5 passwords set their passwords before you updated your system to use the DES libraries. There's no harm in this, and the only way to fix it is to reset all the passwords which are currently recorded in the unwanted format. Hope this helps -- Dima Dorfman Finger dima@unixfreak.org for my public PGP key. Life would be much easier if we could just read the source code. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message