From owner-freebsd-security Thu Aug 2 21:13:29 2001 Delivered-To: freebsd-security@freebsd.org Received: from web11601.mail.yahoo.com (web11601.mail.yahoo.com [216.136.172.53]) by hub.freebsd.org (Postfix) with SMTP id 4075537B406 for ; Thu, 2 Aug 2001 21:13:24 -0700 (PDT) (envelope-from holtor@yahoo.com) Message-ID: <20010803041324.48700.qmail@web11601.mail.yahoo.com> Received: from [24.190.48.149] by web11601.mail.yahoo.com; Thu, 02 Aug 2001 21:13:24 PDT Date: Thu, 2 Aug 2001 21:13:24 -0700 (PDT) From: Holtor Subject: Re: md5? To: Kris Kennaway Cc: security@FreeBSD.ORG In-Reply-To: <20010802210023.A10332@citusc17.usc.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Kris, So how does one make adduser generate a MD5 password instead of DES? I've got passwd_format=md5 in my login.conf and ran that cap_mkdb command on it and it still generates DES. This seems to be the only issue I see -- a problem with adduser perhaps? Holt --- Kris Kennaway wrote: > On Thu, Aug 02, 2001 at 02:24:32PM -0700, Holtor > wrote: > > You guys seem to miss my point.. This is what I > did > > back several months ago. And i had: > > NODESCRYPTLINKS=true in /etc/make.conf so when > make > > world went threw it didn't demolish my links. Now > it > > appears as if that option does nothing. After > looking > > in /usr/lib there are not any symlinks at all > anymore. > > They are actual libraries in place of where links > to > > libscrypt and libdescrypt could go. Thats whats > > confused me, something recently - within the past > week > > perhaps has changed. > > Yes, there are no longer two separate libraries. > You control which of > MD5 or DES passwords you get via the login.conf > capability, and > whether or not you install the crypto sources (or > binaries built from > them). i.e. you still need to install the crypto > code to get DES > passwords, but whether or not you do you still get > only one libcrypt, > not a symlink pointing to one of two locations. > > The ability to select MD5/DES in login.conf was > added in 4.2 or 4.3 -- > you no longer need to play games with symlinks and > any documentation > which tells you to do so is out of date. > > Kris > > ATTACHMENT part 2 application/pgp-signature __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message