Date: Fri, 19 Jan 2001 21:19:23 +0900 From: Yoshihiro Koya <Yoshihiro.Koya@math.yokohama-cu.ac.jp> To: current@FreeBSD.org Subject: adduser and /etc/auth.conf Message-ID: <20010119211923R.ipfw@ya3.so-net.ne.jp>
next in thread | raw e-mail | index | archive | help
Hello, The current default /etc/auth.conf is as follows: ---------- # # $FreeBSD: src/etc/auth.conf,v 1.5 2000/12/28 10:32:00 peter Exp $ # # This file contains information on what types of authentication to use. # It is just the beginnings of a greater scheme. # crypt_default = md5 des # auth_list = passwd kerberos auth_list = passwd ---------- On the other hand, the current default /etc/login.conf looks like: ---------- # login.conf - login class capabilities database. # (snip) default:\ :passwd_format=md5:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ (snip) ---------- This will cause a problem. A new user registered by adduser(1) will be able to loggin the system. Because the adduser script uses des as the default according to the setting in /etc/auth.conf and crypt_set_format(3) in passwd(1) sets md5 as the default hash function, the authentication will fail always. Of course, it is easy to change one of the above files. It might be, however, quite difficult to guess the reason of the login failure caused by this. I think that it might be convenient to describe this in some documents like UPDATING or a manpage of adduser(1) of -current. koya To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010119211923R.ipfw>