From owner-freebsd-current  Wed Feb 28 21:59:44 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id VAA00614
          for current-outgoing; Wed, 28 Feb 1996 21:59:44 -0800 (PST)
Received: from grumble.grondar.za (root@grumble.grondar.za [196.7.18.130])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id VAA00607
          for <freebsd-current@freebsd.org>; Wed, 28 Feb 1996 21:59:39 -0800 (PST)
Received: from grumble.grondar.za (mark@localhost [127.0.0.1]) by grumble.grondar.za (8.7.3/8.7.3) with ESMTP id HAA02484; Thu, 29 Feb 1996 07:59:07 +0200 (SAT)
Message-Id: <199602290559.HAA02484@grumble.grondar.za>
To: Adam David <adam@veda.is>
cc: freebsd-current@freebsd.org
Subject: Re: New Dual-personality crypt 
Date: Thu, 29 Feb 1996 07:59:07 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-current@freebsd.org
Precedence: bulk

Adam David wrote:
> The encryption methods and default behaviour are site-admin decisions.
> Therefore it would be useful to see the following as possibilities:
> 
> Admins to specify which encrytion methods are available for passwords,
> and set the default to one of  { same_as_previous, DES, MD5,
> ...<other_methods>...  } If users are allowed to select which
> method, admins should be able to restrict the choices to any subset
> of the methods recognised and handled by the site, thus providing
> a means of transparent migration from one set of encryption methods
> to another.

I agree 100% - and sort of had this in mind.
 
> I understood the original dual-personality crypt announcement
> essentially to mean the same as I have stated here, except with
> the enforcement of {DES, MD5} as the available set, and that ordinary
> users would typically have no choice over which method is used to
> generate the new password.

Right. I am looking for a decent metthod to implement this. Someone
has already suggested something like an /etc/passwd.conf that has some
rules to cover this. So far I like this seems like the way I will go.

M

--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key