Date: Thu, 29 Feb 1996 07:59:07 +0200 From: Mark Murray <mark@grondar.za> To: Adam David <adam@veda.is> Cc: freebsd-current@freebsd.org Subject: Re: New Dual-personality crypt Message-ID: <199602290559.HAA02484@grumble.grondar.za>
next in thread | raw e-mail | index | archive | help
Adam David wrote:
> The encryption methods and default behaviour are site-admin decisions.
> Therefore it would be useful to see the following as possibilities:
>
> Admins to specify which encrytion methods are available for passwords,
> and set the default to one of { same_as_previous, DES, MD5,
> ...<other_methods>... } If users are allowed to select which
> method, admins should be able to restrict the choices to any subset
> of the methods recognised and handled by the site, thus providing
> a means of transparent migration from one set of encryption methods
> to another.
I agree 100% - and sort of had this in mind.
> I understood the original dual-personality crypt announcement
> essentially to mean the same as I have stated here, except with
> the enforcement of {DES, MD5} as the available set, and that ordinary
> users would typically have no choice over which method is used to
> generate the new password.
Right. I am looking for a decent metthod to implement this. Someone
has already suggested something like an /etc/passwd.conf that has some
rules to cover this. So far I like this seems like the way I will go.
M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602290559.HAA02484>