[Pkg-shadow-devel] chpasswd, -e now missing
Nicolas François
nicolas.francois at centraliens.net
Fri Jul 24 12:04:07 UTC 2009
On Fri, Jul 24, 2009 at 01:08:32PM +0200, lange at informatik.uni-koeln.de wrote:
> Hi,
>
> I'm currently using chpasswd --encrypted in lenny for setting a
> password. I just saw that in the new version of chpasswd does not
> support -e any more, and the man page says, the password must be in
> clear text. IMO this is a security issue (maybe a RC bug?). But I like
> to give chpasswd only as already encrypted string for security
> reasons.
Please file a wishlist bug to reintroduce -e.
I wanted to have a way to enforce the password policy from PAM, but you
are not the first one who want to avoid this. So I may re-introduce this
option.
I do not think it is a security issue. It is documented in the manpage's
CAVEAT and people are not forced to use the tool.
> Is it still possible to give chpasswd an encrypted string? Are there
> other methos for doing that?
You can use usermod -p.
Best Regards,
--
Nekral
More information about the Pkg-shadow-devel
mailing list