Date: Tue, 21 Nov 2000 08:55:51 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: "Sean O'Connell" <sean@stat.Duke.EDU>, Kris Kennaway <kris@FreeBSD.ORG>, FreeBSD stable <freebsd-stable@FreeBSD.ORG> Cc: green@FreeBSD.ORG Subject: Re: Hmm..passwords. Message-ID: <20001121085551.A3534@citusc17.usc.edu> In-Reply-To: <20001121114933.D27266@stat.Duke.EDU>; from sean@stat.Duke.EDU on Tue, Nov 21, 2000 at 11:49:33AM -0500 References: <20001121135541.A14220@nevermind.kiev.ua> <Pine.BSF.4.21.0011210704230.88234-100000@epsilon.lucida.ca> <20001121082750.A2922@citusc17.usc.edu> <20001121114933.D27266@stat.Duke.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
--qMm9M+Fa2AknHoGS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Nov 21, 2000 at 11:49:33AM -0500, Sean O'Connell wrote: > This issue probably could stand a little more reinforcing (see below) >=20 > grep passwd_format /usr/src/UPDATING=20 > Exit 1 UPDATING is for hoops to jump through in getting your system up to date - I don't know that it's the right place for it. > Maybe we could add a >=20 > :password_format=3Dmd5:\ >=20 > to the default entry or create a commented out des login > class like >=20 > #des_users:\ > # :password_format=3Ddes:\ > # :tc=3Ddefault: >=20 > to clarify this a bit. I was surprised for a few minutes > but ended up just adding the following to default I've already suggested this to Brian Feldman.. > :password_format=3Ddes:\ >=20 > Also, as a side question, does passwd automagically stick to using=20 > DES for NIS-enabled machines so it doesn't corrupt NIS maps on other > machines/os's? I suppose in a FreeBSD-only environment, this would > not be a problem, but I have a bunch of Digital Unix machines that > I have to support, as well. No. > Point of clarification: based on the ERRATA, should I add the=20 > passwd_format=3Ddes to all my machines to preserve interoperablity? If you want the same NIS password map to be used on "legacy" UNIXes which don't talk MD5 they have to be DES passwords. Standalone machines should be MD5 for greater security. Kris --qMm9M+Fa2AknHoGS Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjoaqRcACgkQWry0BWjoQKWWLwCg5KPKlIgZeXfB1r22Gyf2nb/M PVgAniEWQUe009EFYKZ6BD/G1gmZG4b7 =sb1z -----END PGP SIGNATURE----- --qMm9M+Fa2AknHoGS-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001121085551.A3534>