Re: Crypt Setting

From: Casper Dik (Casper.Dik@Sun.COM)
Date: 12/23/02


To: bsec <bsec@cotse.net>
Date: Mon, 23 Dec 2002 01:50:27 +0100
From: Casper Dik <Casper.Dik@Sun.COM>


>I'm under the impression that it's a good idea to increase the number of
>types crypt() is used for encrypting user passwords; however, I have been
>unable to determine where in Solaris 8 I can do this. Does anyone know
>what the default number of types crypt() is used in Solaris 8 and where
>the setting is located to change this value?

Solaris 8 cannot, I'm afraid. The latest release of Solaris 9 can.

The Solaris 9 12/02 what's new docs say:

            http://docs.sun.com/db/doc/816-7173/6md6rliq8?a=view

    Enhanced crypt() Function

    Password encryption protects passwords from being read by intruders.
    Three strong password encryption modules are now available in the
    software:

        * A version of Blowfish that is compatible with BSD systems
        * A version of MD5 that is compatible with BSD and Linux systems
        * A stronger version of MD5 that is compatible with other
        Solaris 9 12/02 systems

    For information on how to protect your user passwords with these new
    encryption modules, see the System Administration Guide: Security
    Services. For information on the strength of the modules, see the
    crypt_bsdbf(5), crypt_bsdmd5(5), and crypt_sunmd5(5) man pages.

And see also:

            http://docs.sun.com/db/doc/816-4883/6mb2joaph?a=view



Relevant Pages

  • Crypt Setting
    ... I'm under the impression that it's a good idea to increase the number of ... types crypt() is used for encrypting user passwords; ... unable to determine where in Solaris 8 I can do this. ...
    (Focus-SUN)
  • Re: Does Solaris provide encrypted file system?
    ... >If Solaris doesn't, how to protect the files needing encryption type ... Matt Blaze wrote an add-on to NFS called Cryptographic File System ... (CFS) ...
    (comp.unix.solaris)
  • Re: Disk Encryption for Solaris 9
    ... I suppose I could run Solaris 10, along with encryption pack, on the ... laptops but still build Solaris 9 using Jumpstart? ... I'm not aware of any whole-disk encryption products for Solaris though. ... both in OpenSolaris rather than Solaris 10. ...
    (comp.sys.sun.hardware)
  • Re: NT domain to Linux ??
    ... >> I don't even think there is any need for NIS anymore in an environment ... I can get the Solaris machines there upgraded to Solaris 9. ... that MD5 encryption ...
    (RedHat)
  • Re: Disk Encryption for Solaris 9
    ... I'm not aware of any whole-disk encryption products for Solaris though. ... both in OpenSolaris rather than Solaris 10. ... cant replace the disk in a laptop with a flagstone disk and install ...
    (comp.sys.sun.hardware)