From owner-freebsd-isp Mon Nov 29 15:17:25 1999 Delivered-To: freebsd-isp@freebsd.org Received: from blackbird.lonetree.com (blackbird.lonetree.com [207.141.55.3]) by hub.freebsd.org (Postfix) with ESMTP id 8728015506 for ; Mon, 29 Nov 1999 15:17:23 -0800 (PST) (envelope-from wolfman@csocs.com) Received: from csocs.com [209.64.46.23] by blackbird.lonetree.com with ESMTP (SMTPD32-5.01) id A96344D801A0; Mon, 29 Nov 1999 16:16:51 mdt Message-ID: <38430A5F.FB18F6@csocs.com> Date: Mon, 29 Nov 1999 16:21:03 -0700 From: "J.C. Frazier" X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 3.3-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Sean Winn Cc: freebsd-isp@freebsd.org Subject: Re: apache13-fp-modssl problem with passwords References: <38422055.2906C9B2@csocs.com> <001b01bf3a4f$8b1d8be0$1d48b6ca@gothic.net.au> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Sean Winn wrote: > libscrypt* only supports MD5; it's the "export" libraries, and can't support > DES. libdescrypt* supports both DES and MD5, and defaults to whatever salt > it gets provided (so if users already have an MD5 password, they stay with > it... but generally new users get a DES one.) You can either patch descrypt > to swap the default, or wait for a new crypt() series of functions which > will allow the choice (this is being written currently, but I can't remember > the URL.) Do you suggest just changing the libcrypt.* libs to symbolically link to the des libs then, or is there an easier way to change everything over in one swoop? And do you know if the libs are the only thing I need to change, or are there other things such as auth.conf? I like your idea, and if the des crypt() can do both so I wouldn't have to change current passwords on all my users, things will be much easier. > As far as I'm aware though, the FP3 extensions certainly didn't actually > require the Unix passwords; I've used the Linux FPE with NIS, getting only > an "*" from the FreeBSD NIS server, and it seemed to work without > problems.... however this was FP98, not FP2K extensions. The FP4 (2K) extensions are working correctly and everything seems to be doing good other then the password problem on authoring. I don't believe the root of this problem lies in the 2K extensions. I've tried other versions of Apache and FP3 with the same results (everything works but the passwords). I read a letter from JKH from 1997 responding to someone using FP2 extensions who had the same problem, and JKH had to said that crypt() supported both and there was no problem there, that it must be something else. However, I searched and searched and there are no answers to the problem. It seems I'm not the only one, but it hasn't been documented in quite a while. J.C. Frazier To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message