[Pkg-shadow-devel] gpasswd, newgrp and gshadow man pages

Tomasz Kłoczko kloczek@zie.pg.gda.pl
Wed, 13 Apr 2005 18:59:24 +0200 (CEST)


  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--568760595-1939234758-1113411564=:5286
Content-Type: TEXT/PLAIN; charset=ISO-8859-2
Content-Transfer-Encoding: QUOTED-PRINTABLE

On Tue, 12 Apr 2005, Nicolas [iso-8859-1] Fran=E7ois wrote:
[..]
> I've got another question regarding group shadow passwords.
> A shadow password looks like $1$HAxOrFpA$q/AbX2Cy9J7FZPq040Rw0/
> A gshadow password looks like gJ9sWrkMe2YYA
> Are group passwords MD5 enabled?

For generate hash it uses system avalaible crypt() and all this depend=20
only on way using this. So general answer for your quqstion is: yes.
All it may depends on: is current gshadow handling code implemented in=20
shadow is correct. Using thos feacture is so wide so probaly it may be not=
=20
perfect.

> Would it be possible to use the same format?
> (maybe this is already the case in versions greater than 4.0.3)
> (maybe this could be solved by a group shadow support in PAM)

For example when you are uses passwd with compiled in PAM support
code for generate ane examine hashes are aotside shadow code. You want use=
=20
DES, MD5 or SHA .. all depends on PAM modules.

After prepare gshadow support on glibc/PAM it alghoritms used for generate=
=20
for gshadow hashes will also outside current shadow code.
But for now there is no gshadow support on glibc/PAM and all must be=20
handled from shadow code. And yes: IMO most of this kind details may be
solved by implement gshadow support in PAM.

kloczek
--=20
-----------------------------------------------------------
*Ludzie nie maj=B1 problem=F3w, tylko sobie sami je stwarzaj=B1*
-----------------------------------------------------------
Tomasz K=B3oczko, sys adm @zie.pg.gda.pl|*e-mail: kloczek@rudy.mif.pg.gda.p=
l*
--568760595-1939234758-1113411564=:5286--