Re: Password encoding
From: Erick Mechler (emechler@techometer.net)
Date: 09/26/02
- Next message: Kris Kennaway: "Re: Password encoding"
- Previous message: Nomad: "Password encoding"
- In reply to: Nomad: "Password encoding"
- Next in thread: Todor Genov: "Re: Password encoding"
- Reply: Todor Genov: "Re: Password encoding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 25 Sep 2002 15:26:45 -0700 From: Erick Mechler <emechler@techometer.net> To: Nomad <mailman@crypton.pl>
:: So I made small investigation. And what I found: new auth_default value
:: in my system is DES !!! And my password on new accounts are only 8
:: characters long !!!
You're going to want to do 2 things. First, make sure that you have your
passwd_format=md5 in your /etc/login.conf (be sure to run cap_mkdb
/etc/login.conf after you do so).
Currently there's a bug with /usr/sbin/adduser which results in changed
passwords defaulting to DES, despite whatever the system default password
scheme is. /usr/sbin/pw and /usr/bin/passwd do not suffer from this
problem.
Bottom line: don't use adduser to set your passwords upon account creation,
use the passwd utility or pw. This will insure that all your system
passwords are created and stay MD5.
Cheers - Erick
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Kris Kennaway: "Re: Password encoding"
- Previous message: Nomad: "Password encoding"
- In reply to: Nomad: "Password encoding"
- Next in thread: Todor Genov: "Re: Password encoding"
- Reply: Todor Genov: "Re: Password encoding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
