From owner-freebsd-security  Mon May  3 17:48:20 1999
Delivered-To: freebsd-security@freebsd.org
Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228])
	by hub.freebsd.org (Postfix) with ESMTP id 712AC157AC
	for <freebsd-security@FreeBSD.ORG>; Mon,  3 May 1999 17:48:18 -0700 (PDT)
	(envelope-from jkh@zippy.cdrom.com)
Received: from zippy.cdrom.com (localhost [127.0.0.1])
	by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id RAA30467;
	Mon, 3 May 1999 17:42:58 -0700 (PDT)
	(envelope-from jkh@zippy.cdrom.com)
To: "Matthew D. Fuller" <fullermd@netalpha.net>
Cc: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>,
	Robert Watson <robert+freebsd@cyrus.watson.org>,
	Poul-Henning Kamp <phk@critter.freebsd.dk>,
	The Tech-Admin Dude <geniusj@phoenix.unacom.com>,
	Brian Beaulieu <brian@capital-data.com>, freebsd-security@FreeBSD.ORG
Subject: Re: Blowfish/Twofish 
In-reply-to: Your message of "Mon, 03 May 1999 19:38:37 CDT."
             <19990503193836.D1229@netalpha.net> 
Date: Mon, 03 May 1999 17:42:58 -0700
Message-ID: <30464.925778578@zippy.cdrom.com>
From: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> So how far are we from being able to say 'Accept DES, prefer MD5, and
> always use MD5 for new passwords' with PAM?  What pieces are we missing?

We can do that right now, though PAM doesn't "prefer" so much as
simply try things in the order you specify.  Humans prefer things,
programs just do them. :-)

The "new password" selection is handled by /etc/auth.conf

- Jordan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message