OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq Archives: Re: Rh 6.1 initial root password encryption

Re: Rh 6.1 initial root password encryption

Subject: Re: Rh 6.1 initial root password encryption
From: Fabian Kroenner (escherSPOILED.ORG)
Date: Sat Jan 22 2000 - 05:42:51 CST

On Fri, Jan 21, 2000 at 10:57:45AM +1100, Ken Barber wrote:
> The initial root password that is set in /etc/shadow by the Red Hat 6.1
> installation program is in crypt-style, not MD5. This occurs even if you
> have chosen MD5 encryption in the initial setup of RH.

Hi,

this has been reported to Red Hat Oct, 10th 1999.

The Bugzilla-ID is 5542 - see:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=5542
to find out more about the status of the bug.

I suspect that it does affect all (user) accouts created during
installation with the new anaconda-installer. If I recall correctly I
have observed this in the previous (Red Hat 6.0) installer as well.
Both ask for the root password, before setting the encryption-options.

I hope they modify the installer properly, since it cannot be 'fixed'
through a package update. Using passwd after install is the only way
to do it, correct me if I am wrong.

Regards...
Fabian Kroenner <escherspoiled.org>
__________________________________________________________________
GnuPG Public Key available: http://www.spoiled.org/~escher/.pubkey
Key Fingerprint: 2311 6D40 FE1F 9D94 77AD 20CA 2F38 AD9E 19AB 6A00

This archive was generated by hypermail 2b27 : Mon Jan 24 2000 - 01:21:26 CST