From owner-freebsd-questions@FreeBSD.ORG  Sun Oct  5 17:47:13 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A123F16A4BF
	for <freebsd-questions@FreeBSD.ORG>;
	Sun,  5 Oct 2003 17:47:13 -0700 (PDT)
Received: from nexus.powweb.com (nexus.powweb.com [63.251.216.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6D49443F75
	for <freebsd-questions@FreeBSD.ORG>;
	Sun,  5 Oct 2003 17:47:10 -0700 (PDT)
	(envelope-from james@ytjameslee.com)
Received: from ytjameslee.com (31.50.171.66.subscriber.vzavenue.net
	[66.171.50.31])
	by nexus.powweb.com (Postfix) with ESMTP id ECA66B8FF2
	for <freebsd-questions@FreeBSD.ORG>;
	Sun,  5 Oct 2003 17:42:52 -0700 (PDT)
Message-ID: <3F80BB94.10605@ytjameslee.com>
Date: Sun, 05 Oct 2003 17:47:16 -0700
From: James Moser <james@ytjameslee.com>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.4) Gecko/20030917
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-questions@FreeBSD.ORG
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Encrypted Password Portability Between releases
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Oct 2003 00:47:13 -0000
X-List-Received-Date: Mon, 06 Oct 2003 00:47:13 -0000

Hey everyone...  cryptography is not really my strong point and I'm 
trying to do something I thought should have been fairly easy.  We have 
a number of machines running various versions of FreeBSD from 
4.7-RELEASE to 4.8-STABLE.  Our password files for our users are 
generated through passwords which are currently being stored in plain 
text. I wish to encrypt these on a central server and store them in the 
database for better security, however I'm running into some problems.  
It appears to work on some systems and some systems it does not.  I have 
tried DES and MD5 encryption.

Most of these systems have been upgraded from much earlier releases of 
the 4 branch, and the passwords of users not generated from the database 
seem to have been find after each upgrade.  So my question is, what am I 
doing wrong?  Is there a way to encrypt a password on one system and 
have it work on all FreeBSD machines no matter what release its running? 
If I encrypt on a 4.7 box will it work on a 4.8 system, just not the 
other way around?

Thanks for any help of information you can provide.

Sincerely,
James Moser