From owner-freebsd-security Mon Oct 4 14:22:37 1999 Delivered-To: freebsd-security@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 45AED152B8 for ; Mon, 4 Oct 1999 14:22:28 -0700 (PDT) (envelope-from des@flood.ping.uio.no) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id XAA29142; Mon, 4 Oct 1999 23:22:22 +0200 (CEST) (envelope-from des) To: A.Leidinger@WJPServer.CS.Uni-SB.de Cc: Vitaly V Belekhov , "Rashid N. Achilov" , freebsd-security@FreeBSD.ORG Subject: Re: Long username/password References: <199910041816.UAA01028@work.net.local> From: Dag-Erling Smorgrav Date: 04 Oct 1999 23:22:22 +0200 In-Reply-To: A.Leidinger@WJPServer.CS.Uni-SB.de's message of "Mon, 4 Oct 1999 20:16:48 +0200 (CEST)" Message-ID: Lines: 20 X-Mailer: Gnus v5.5/Emacs 19.34 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org A.Leidinger@WJPServer.CS.Uni-SB.de writes: > If there hasn't something changed since I've checked it, it didn't use > long passwords as default (it accepts long passwords as input but only > uses the first eight characters, at least this is my experience with > 3.2). It *does* support 128-character passwords unless you install the DES libraries. The only reason you'd want to do that is compatibility with other Unices (especially when running NIS). > You have to use e.g. vipw(8), clear the password field and insert "$1$". > After this you have to change the (now empty) password. If I remember > correctly it uses SHA1 after this change (but I could be wrong with > this). MD5. DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message