Date: Tue, 15 Jun 1999 20:32:10 -0400 (EDT) From: matt <matt@AIC-GW.MLINK.NET> To: Kris Kennaway <kkennawa@physics.adelaide.edu.au> Cc: Evren Yurtesen <yurtesen@ispro.net.tr>, Holtor <holtor@yahoo.com>, freebsd-security@FreeBSD.ORG Subject: Re: DES & MD5? Message-ID: <Pine.BSF.4.10.9906152029520.53167-100000@aic-gw.mlink.net> In-Reply-To: <Pine.OSF.4.10.9906160933130.22473-100000@bragg>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 16 Jun 1999, Kris Kennaway wrote: : On Tue, 15 Jun 1999, Evren Yurtesen wrote: : : > I think when you use MD5 or DES you can still have different kind of : > passwords in your password file. Thankfully Yes.. I'll explain more later on down the mail. : You can. crypt() checks whether it's being passed a salt of the form : $1$...$, and if so, passes it to crypt_md5(), otherwise considers it as a DES : salt and sends it to crypt_des() (if DES support is compiled in). I mistakening installed 3.2 with DES so it was making DES passwords instead of MD5 passwords, I happen to prefere MD5, so I just redid the symlinks on libcrypt* from libdescrypt to libscrypt... etc.. worked nicely back to MD5 : So you can mix and match any passwords your crypt() knows how to parse. The : only problem is that standrd FreeBSD doesn't have a way to select which : password scheme you want: if you install the DES sources, you get DES : passwords, otherwise MD5, for your new passwords. We really should look at something like OpenBSD's password system, they really do have a bloody amazing password and encryption scheme.. : Kris Matt : ----- : "Never criticize anybody until you have walked a mile in their shoes, : because by that time you will be a mile away and have their shoes." : -- Unknown -- matt@AIC-GW.MLINK.NET To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9906152029520.53167-100000>