Date: Thu, 23 Apr 1998 09:00:11 -0700 (PDT) From: patl@phoenix.volant.org To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Static vs. dynamic linking (was Re: Using MD5 insted of DES ...) Message-ID: <ML-3.3.893347211.7096.patl@asimov> In-Reply-To: <4940.893278929@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
> What about the SHS ($2$) suport for crypt() should we sneak that in > at the same time ? > > Did we also agree that login.conf can specify which encryption to > use along these lines: > > modify existing password: > entry in login.conf ? > yes: use what login.conf says > no: use same as existing password. As long as we've touched on this, I'd like to suggest that the login.conf entry have some way of specifying that modifications should use the same encryption as the existing password. If it is (still) supported; otherwise use the default for creation. This is mostly a cover-all-the-bases suggestion. > create new password: > entry in login.conf ? > yes: use what login.conf says > no: use same as current root password I'd also like to suggest that the encryption specification in login.conf be an ordered list rather than a single item. This way we could ship a default login.conf that would automatically take advantage of stronger optional encryption methods when they are installed. -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ML-3.3.893347211.7096.patl>