NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FreeBSD Security> 2000-02

Subject: Re: [MORE] Passwords database
From: Spidey (beaupraniro.umontreal.ca)
Date: Sun Feb 06 2000 - 17:13:31 CST

Next message: Spidey: "RFC: More useful changes to /etc/*syslog*"
Previous message: Robert Watson: "review: simple syslog.conf,newsyslog.conf patch with sample logging"
In reply to: Andrew Otwell: "Re: [MORE] Passwords database"
Next in thread: Jeffrey J. Mountin: "Re: [MORE] Passwords database"
Reply: Spidey: "Re: [MORE] Passwords database"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If the encrypted password in /etc/master.passwd starts with "$1$" the
new one will be MD5.

--- Big Brother told Andrew Otwell to write, at 13:55 of February 4:
> What if the user changes their password via "passwd "?
>
> I understood that after you installed DES, then all passwords would be
> DES upon the next user password change. I'd love to be incorrect on this
> one. Please yank and put some dummy examples - before and after. Please
> DO NOT use root's account and a passwd user as this will not apply to a
> 3000+ user system.
>
>
> Alexander Leidinger wrote:
> >
> > On 4 Feb, Andrew Otwell wrote:
> > > MD5 is stingy and does not understand DES.
> > > If you're running in DES compat mode (i.e. libcrypt -> libdescrypt)
> > > you will not be able to choose which passwords will be in MD5 format.
> > > All passwords will be in DES format from DES inception onward.
> >
> > Sorry, but I have libcrypt -> libdescrypt and my root-password is hashed
> > with MD5.
> > I didn't know how to migrate automaticly at next login, but manualy you
> > can use e.g. vipw, exchange the old passwd with "$1$*" (without the
> > doublequotes) and execute as root "passwd user". The new password is now
> > hashed with MD5.
> >
> > Bye,
> > Alexander.
> >
> > --
> > "'Faith' means not _wanting_ to know what is true." -- Nietzshe
> >
> > http://www.Leidinger.net Alexander+Home Leidinger.net
> > Key fingerprint = 7423 F3E6 3A7E B334 A9CC B10A 1F5F 130A A638 6E7E
>
> --
> _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
> Andrew T. Otwell, Network Administrator
> andrewnetworkcomputerz.com, 678.363.8491
> http://www.NetworkComputerz.com
> yank GPG DSS key from hkp://pgpkeys.mit.edu
> _/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
>
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- Si l'image donne l'illusion de savoir C'est que l'adage pretend que pour croire, L'important ne serait que de voir

Lofofora

To Unsubscribe: send mail to majordomoFreeBSD.org with "unsubscribe freebsd-security" in the body of the message

Next message: Spidey: "RFC: More useful changes to /etc/*syslog*"
Previous message: Robert Watson: "review: simple syslog.conf,newsyslog.conf patch with sample logging"
In reply to: Andrew Otwell: "Re: [MORE] Passwords database"
Next in thread: Jeffrey J. Mountin: "Re: [MORE] Passwords database"
Reply: Spidey: "Re: [MORE] Passwords database"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]