From owner-freebsd-hackers Thu Sep 28 21: 1: 5 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 853C037B422; Thu, 28 Sep 2000 21:01:03 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id VAA63757; Thu, 28 Sep 2000 21:01:03 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Thu, 28 Sep 2000 21:01:03 -0700 (PDT) From: Kris Kennaway To: Jim Mercer Cc: hackers@freebsd.org, Brian Feldman Subject: Re: stuck on MD5 passwd's, host to revert to DES In-Reply-To: <20000928233326.N22260@reptiles.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 28 Sep 2000, Jim Mercer wrote: > On Thu, Sep 28, 2000 at 06:14:07PM -0700, Kris Kennaway wrote: > > Set the value of the passwd_format login capability to "des" in > > /etc/login.conf. > > > > Brian Feldman neglected to document or mention this in the release notes > > at all, as far as I can tell. No cookie! Please fix this ASAP, Brian. > > so, is the intention to have FreeBSD default to md5? Yes. It's the more secure alternative and is quite suitable for most users. All the rest of you need to do is add the 'des' login capability in the default class. > the reason i ask, is that if people cvsup without seeing or noticing this, > they may not realize until too late that the new passwords are md5. > > anyone using nis with non-freebsd systems might get really upset. It should have been documented. It still can be :-) Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message