From owner-freebsd-security  Mon Oct  4 12: 6:20 1999
Delivered-To: freebsd-security@freebsd.org
Received: from indyio.rz.uni-sb.de (indyio.rz.uni-sb.de [134.96.7.3])
	by hub.freebsd.org (Postfix) with ESMTP id 89ECC15527
	for <freebsd-security@FreeBSD.ORG>; Mon,  4 Oct 1999 12:06:14 -0700 (PDT)
	(envelope-from netchild@Vodix.CS.Uni-SB.de)
Received: from mars.rz.uni-sb.de (ns0.rz.uni-sb.de [134.96.7.5])
	by indyio.rz.uni-sb.de (8.9.3/8.9.3) with ESMTP id VAA5658897;
	Mon, 4 Oct 1999 21:05:28 +0200 (CST)
Received: from work.net.local (maxtnt-196.telip.uni-sb.de [134.96.71.67])
	by mars.rz.uni-sb.de (8.8.8/8.8.4/8.8.2) with ESMTP id VAA00815;
	Mon, 4 Oct 1999 21:05:25 +0200 (CST)
Received: from Vodix.CS.Uni-SB.de (netchild@localhost.net.local [127.0.0.1])
	by work.net.local (8.9.3/8.9.3) with ESMTP id UAA01028;
	Mon, 4 Oct 1999 20:16:50 +0200 (CEST)
	(envelope-from netchild@Vodix.CS.Uni-SB.de)
Message-Id: <199910041816.UAA01028@work.net.local>
Date: Mon, 4 Oct 1999 20:16:48 +0200 (CEST)
From: A.Leidinger@WJPServer.CS.Uni-SB.de
Subject: Re: Long username/password
To: Vitaly V Belekhov <bsdl@h2o.riss-telecom.ru>
Cc: "Rashid N. Achilov" <shelton@sentry.granch.ru>,
	freebsd-security@FreeBSD.ORG
In-Reply-To: <Pine.BSF.4.10.9910041218090.89947-100000@h2o.riss-telecom.ru>
MIME-Version: 1.0
Content-Type: TEXT/plain; CHARSET=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On  4 Okt, Vitaly V Belekhov wrote:

>> FreeBSD 3.3-STABLE. What can I make usernames and passwords longer than 8
>> bytes?
> 
>  3.3 already has support for long passwords and upto 16 characters long
>  usernames.

If there hasn't something changed since I've checked it, it didn't use
long passwords as default (it accepts long passwords as input but only
uses the first eight characters, at least this is my experience with
3.2).

You have to use e.g. vipw(8), clear the password field and insert "$1$".
After this you have to change the (now empty) password. If I remember
correctly it uses SHA1 after this change (but I could be wrong with
this).

Bye,
Alexander.

P.S.: I did *not* found this information in a man-page (I've checked
passwd(5), passwd(1) and security(7)), so if there is a man-page
(or something else) which gives a better explanation please drop me a
note.
-- 
          People who are wrong the most are wrong the loudest.

http://netchild.home.pages.de   A.Leidinger+Home @ WJPServer.CS.Uni-SB.de



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message