From owner-freebsd-doc Tue Sep 19 6:46:39 2000 Delivered-To: freebsd-doc@freebsd.org Received: from mx3out.umbc.edu (mx3out.umbc.edu [130.85.253.53]) by hub.freebsd.org (Postfix) with ESMTP id 8296037B423; Tue, 19 Sep 2000 06:46:37 -0700 (PDT) Received: from gl.umbc.edu (IDENT:root@linux1.gl.umbc.edu [130.85.60.38]) by mx3out.umbc.edu (8.9.3/8.9.3) with ESMTP id JAA15030; Tue, 19 Sep 2000 09:46:36 -0400 (EDT) Received: from localhost (vdidov1@localhost) by gl.umbc.edu (8.9.3/8.9.3) with ESMTP id JAA10704; Tue, 19 Sep 2000 09:46:35 -0400 X-Authentication-Warning: linux1.gl.umbc.edu: vdidov1 owned process doing -bs Date: Tue, 19 Sep 2000 09:46:35 -0400 (EDT) From: Victor To: freebsd-doc@FreeBSD.org Cc: unfurl@FreeBSD.org Subject: Handbook -> Security -> DES,MD5,Crypt Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I was reading the part of the handbook you updated (DES, MD5, and Crypt) and wanted to ask/provide you with some updates. Perhaps adding a section called 8.4.2 would help others as well 1. How do you switch a password from des to md5? I was told on newsgroups to just add $1$ to a user password and then use passwd command to set the password again. This way the new password will be md5. I believe this information might be useful to others (it was for me). 2. How do you set so that the system treats all new passwords as md5 (by default)? I set the auth.conf line to this: auth_default = md5 However the new passwords were still des style. Is there a way to make sure all new passwords are md5? I was also thinking one might relink the libs to libscrypt, but that would then cause problems if some users still have des passwords. Could answers to these questions be added to the handbook? I would also appreciate if you sent me a solution to my second problem (if you know one). I know that DES has been broken. how secure is MD5 and are there other algorithms that can be used? (maybe we should check what openbsd uses :) Thank you very much Victor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message