Date: Tue, 8 Apr 2003 06:46:28 -0700 From: Erick Mechler <emechler@techometer.net> To: Eugene <eugene@copoc.ru> Cc: "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org> Subject: Re: adduser and crypt Message-ID: <20030408134628.GP651@techometer.net> In-Reply-To: <20030408091739.GA72859@copoc.ru> References: <20030408091739.GA72859@copoc.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
:: adduser(8) perl script uses crypt(3) to generate encrypted passwords, :: as pointed in /usr/sbin/adduser itself. Currently in /etc/login.conf :: password format is MD5 as default but adduser always generates encrypted :: passwords in DES format. Eugene, I totally agree with you, but for some reason it was decided that /etc/login.conf wasn't a good place to store the default password scheme for adduser. Instead, there's a facility in /etc/auth.conf to set the crypt_default which overrides what format crypt(3) produces (it's a system default for the crypt_set_format() call). This works fine for adduser in producing MD5 passwords, however, it breaks a few other things (mailman was one that I found) that expect crypt to produce DES output (which, IMHO, it should continue to do as it has for decades). To address this, you can patch adduser to only produce MD5 passwords based on the patch in a few PRs, or you can use /usr/ports/sysutils/enteruser. http://www.freebsd.org/cgi/query-pr.cgi?pr=24439 http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/24953 Alternatively you can upgrade to 5.x since the new version of adduser wraps itself around pw(8). Cheers - Erick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030408134628.GP651>