[Pkg-shadow-devel] Bug#991914: YESCRYPT support information missing in config and man pages
Peter Viskup
skupko.sk at gmail.com
Thu Aug 5 10:22:49 BST 2021
Package: login
Version: 1:4.8.1-1
The YESCRYPT method not listed in man pages of
login.defs, YESCRYPT_COST_FACTOR option should be listed in login.defs too
(same for man page).
~# grep -B10 "ENCRYPT_METHOD " /etc/login.defs
#
# If set to MD5 , MD5-based algorithm will be used for encrypting password
# If set to SHA256, SHA256-based algorithm will be used for encrypting
password
# If set to SHA512, SHA512-based algorithm will be used for encrypting
password
# If set to DES, DES-based algorithm will be used for encrypting password
(default)
# Overrides the MD5_CRYPT_ENAB option
#
# Note: It is recommended to use a value consistent with
# the PAM modules configuration.
#
ENCRYPT_METHOD SHA512
Which is inconsistent with PAM common-password configuration
~# cat /etc/pam.d/common-password |grep pam_unix.so
password [success=1 default=ignore] pam_unix.so obscure yescrypt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20210805/ddf3eb78/attachment.htm>
More information about the Pkg-shadow-devel
mailing list