From owner-freebsd-security Thu Sep 26 3:54:13 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8EC7337B401 for ; Thu, 26 Sep 2002 03:54:09 -0700 (PDT) Received: from officepop3.tiscali.de (mxa.tiscali.de [194.162.162.215]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0CB1C43E6A for ; Thu, 26 Sep 2002 03:54:09 -0700 (PDT) (envelope-from piontec@de.tiscali.com) Received: from hellskitchen.nacamar.de (azze.nacamar.de [195.63.228.105]) by officepop3.tiscali.de (Postfix) with ESMTP id 35E445D2A; Thu, 26 Sep 2002 12:54:07 +0200 (CEST) Received: by hellskitchen.nacamar.de (Postfix, from userid 1000) id CDDA85A52C; Thu, 26 Sep 2002 12:54:15 +0200 (CEST) Date: Thu, 26 Sep 2002 12:54:15 +0200 From: Jan Wagner To: Olafur Osvaldsson Cc: freebsd-security@FreeBSD.ORG Subject: Re: Password encoding Message-ID: <20020926125415.B4034@de.tiscali.com> References: <200209260922.g8Q9MYR23427@sequel.rsm.ru> <20020926095550.GB10763@isnic.is> <20020926124450.A18244@de.tiscali.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020926124450.A18244@de.tiscali.com>; from jan.wagner@de.tiscali.com on Thu, Sep 26, 2002 at 12:44:50PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ... arg! i forgott, maybe you should also take a look at http://quasar.mathstat.uottawa.ca/~selinger/ccrypt/ "ccrypt is a utility for encrypting and decrypting files and streams." "It was designed as a replacement for the standard unix crypt utility..." greets jw On Thu, Sep 26, 2002 at 12:44:50PM +0200, Jan Wagner wrote: > Date: Thu, 26 Sep 2002 12:44:50 +0200 > From: Jan Wagner > To: Olafur Osvaldsson > Cc: freebsd-security@FreeBSD.ORG > Subject: Re: Password encoding > User-Agent: Mutt/1.2.5.1i > In-Reply-To: <20020926095550.GB10763@isnic.is>; from oli@isnic.is on Thu, Sep 26, 2002 at 09:55:50AM +0000 > List-Archive: (Web Archive) > X-Loop: FreeBSD.org > X-OriginalArrivalTime: 26 Sep 2002 10:45:16.0902 (UTC) FILETIME=[CD2BE860:01C26549] > > Part of man : > > > The algorithm used will depend upon whether crypt_set_format() has been > called and whether a global default format has been specified. Unless a > global default has been specified or crypt_set_format() has set the for- > mat to something else, the built-in default format is used. This is cur- > rently DES if it is available, or MD5 if not. > > How the salt is used will depend upon the algorithm for the hash. For > best results, specify at least two characters of salt. > > The crypt_get_format() function returns a constant string that represents > the name of the algorithm currently used. Valid values are `des', `blf' > and `md5'. > > The crypt_set_format() function sets the default encoding format accord- > ing to the supplied string. > > The global default format can be set using the /etc/auth.conf file using > the `crypt_format' property. > > ... > > greets jw > > ps. man : (man auth.conf) && man 3 crypt && man 3 auth_getval(!!) > > On Thu, Sep 26, 2002 at 09:55:50AM +0000, Olafur Osvaldsson wrote: > > Date: Thu, 26 Sep 2002 09:55:50 +0000 > > From: Olafur Osvaldsson > > To: Dmitry Agafonov > > Cc: freebsd-security@FreeBSD.ORG > > Subject: Re: Password encoding > > In-Reply-To: <200209260922.g8Q9MYR23427@sequel.rsm.ru> > > User-Agent: Mutt/1.3.28i > > List-Archive: (Web Archive) > > X-Loop: FreeBSD.org > > X-OriginalArrivalTime: 26 Sep 2002 09:56:15.0528 (UTC) FILETIME=[F3F9DA80:01C26542] > > > > Dmitry, > > You should be able to set it in /etc/auth.conf, but that doesn't work for me. > > > > You can instead run crypt_set_format("md5") to set the default for your prog > > to md5 or blf for blowfish. > > > > You could also make sure that your salts start with $$ wich would then > > set the algorithm used in encryption, more info on this in the crypt(3) manpage. > > > > /Oli > > > > On Thu, 26 Sep 2002, Dmitry Agafonov wrote: > > > > > Ok, how about more common question. How do I ask system crypt() to use MD5 > > > by default? /etc/make.conf or such? > > > > > > -- > > > Dmitry > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > -- > > Olafur Osvaldsson > > Systems Administrator > > Internet a Islandi hf. > > Tel: +354 525-5291 > > Email: oli@isnic.is > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message