From owner-freebsd-security Fri May 17 10:26:36 2002 Delivered-To: freebsd-security@freebsd.org Received: from mail.deltanet.com (mail.deltanet.com [216.237.144.132]) by hub.freebsd.org (Postfix) with ESMTP id 89F0337B403 for ; Fri, 17 May 2002 10:26:32 -0700 (PDT) Received: from mammoth.eat.frenchfries.net (da001d1356.lax-ca.osd.concentric.net [208.36.180.81]) by mail.deltanet.com (8.11.6/8.11.6) with ESMTP id g4HH5pO06624 for ; Fri, 17 May 2002 10:05:52 -0700 Received: by mammoth.eat.frenchfries.net (Postfix, from userid 1000) id 7FB2D50CF; Fri, 17 May 2002 10:26:23 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mammoth.eat.frenchfries.net (Postfix) with ESMTP id 7D2484B35 for ; Fri, 17 May 2002 10:26:23 -0700 (PDT) Date: Fri, 17 May 2002 10:24:17 -0700 (PDT) From: Paul Herman X-X-Sender: pherman@mammoth.eat.frenchfries.net To: =?iso-8859-1?Q?Erik_Paulsen_Sk=E5lerud?= Subject: RE: How secure is a password and how many characters does it allow? In-Reply-To: <200205171632.g4HGWTJ17941@tick.sc.omation.com> Message-ID: <20020517093415.L934-100000@mammoth.eat.frenchfries.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 17 May 2002, it was written: > You say that adduser uses DES, while the system defaults to MD5. > How do you add users then? Using pw useradd etc? Yeah, that works. passwd(1) works too. You can also put: crypt_default = md5 into /etc/auth.conf, but this is not the same as changing passwd_format in /etc/login.conf. This will force *all* programs that expect a DES hash from crypt() to get an MD5 hash. This is generally not a problem nowadays (?), but you may have some old legacy software on your system that still need this. Be aware of this if you change /etc/auth.conf. If you're not generating your own salts, and just want to keep it simple, the login_setcryptfmt() / crypt_set_format() aware programs like pw(8) and passwd(1) are for you. -Paul. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message