[Pkg-shadow-devel] shadow
Adam Ruczko
aruczko at certum.pl
Thu Dec 29 12:18:55 UTC 2005
Nicolas François napisał(a):
> Hello,
>
> On Wed, Dec 28, 2005 at 11:10:21AM +0100, Adam Ruczko wrote:
>> Is the possibility to use other algorithm than MD5 for crypt password's
>> in shadow ? For example blowfish? MD5 is very weak..
>
> You may want to test pam_unix2. It should work for all the tools that use
> PAM for setting/checking the passwords (i.e. passwd, su, login should
> work, but chpasswd and the useradd's -p option won't work; all this
> should be verified)
>
> I've found more info on this thread:
> https://www.redhat.com/archives/pam-list/2003-September/msg00061.html
> (Making Linux use Blowfish for passwd/shadow encryption)
>
> Well, would certainly be nice, but this must be discussed with Tomasz,
> the upstream author. I wouldn't like to see a Debian-only
> implementation.
I have found better way to do this.
This implementation is used for example in SUSE and Slackware:
http://linuxfromscratch.org/pipermail/hints/2005-February/002787.html
This is patch made by Solar for openwall project (for shadow package).
Of curse this can be made manually, but I think that this problem is
worth to discuss and solve in Debian.
--
Adam Ruczko
More information about the Pkg-shadow-devel
mailing list