[Pkg-shadow-devel] Bug#1124835: chpasswd hash check goes too far
Marc Haber
mh+debian-packages at zugschlus.de
Wed Jan 7 08:24:35 GMT 2026
On Wed, Jan 07, 2026 at 08:58:15AM +0100, Marc Haber wrote:
>This is even worse now, chpasswd won't accept a perfectly valid
>yescrypt hash:
>
>$ echo 9hKGOX79oaP4FEhQ2xQ6wLvPXsTTUtPiYu4QCXsc | mkpasswd --hash=yescrypt --stdin
>$y$j9T$VPuG6eC6CTZG7fxHR1YwP0$kZeswr5rIJKCXbeLvE/R412AO4vB1HLwuBrqg1nnPU4
># echo "aust:$y$j9T$VPuG6eC6CTZG7fxHR1YwP0$kZeswr5rIJKCXbeLvE/R412AO4vB1HLwuBrqg1nnPU4" | chpasswd --encrypted
>chpasswd: (line 1, user aust) invalid password hash
>chpasswd: error detected, changes ignored
>
>I think that would now warrant Severity: serious.
# echo "aust:*" | chpasswd --encrypted
chpasswd: (line 1, user aust) invalid password hash
chpasswd: error detected, changes ignored
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Pkg-shadow-devel
mailing list