[Pkg-shadow-devel] Bug#1124835: chpasswd hash check goes too far
Marc Haber
mh+debian-packages at zugschlus.de
Wed Jan 7 07:58:15 GMT 2026
This is even worse now, chpasswd won't accept a perfectly valid yescrypt
hash:
$ echo 9hKGOX79oaP4FEhQ2xQ6wLvPXsTTUtPiYu4QCXsc | mkpasswd --hash=yescrypt --stdin
$y$j9T$VPuG6eC6CTZG7fxHR1YwP0$kZeswr5rIJKCXbeLvE/R412AO4vB1HLwuBrqg1nnPU4
# echo "aust:$y$j9T$VPuG6eC6CTZG7fxHR1YwP0$kZeswr5rIJKCXbeLvE/R412AO4vB1HLwuBrqg1nnPU4" | chpasswd --encrypted
chpasswd: (line 1, user aust) invalid password hash
chpasswd: error detected, changes ignored
I think that would now warrant Severity: serious.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Pkg-shadow-devel
mailing list