Re: MD5 passwords
Stephen Crowley <crow@debian.org> writes:
> Do all system utilities support MD5 passwords? Do they introduce
> incompatibilities with other OSes?
I'm not positive but I think all the system utils do support it. But it is
incompatible with older *nixes, I think it should tell the user about this
and then let them decide to enable it or not. I think I heard somewhere that
freebsd has this on by default now.
My thought would be to offer it but default to `no' until/unless
there's consensus in debian-devel or debian-policy that MD5 passwords
are preferred.
Are you running md5 passwords and if so have you encountered any
problems? If I want to test md5 passwords on my machines, how do I
set them up?
> Also, it's not possible to convert passwords between MD5 and standard
> crypt(), so it's not just a matter of doing something analogous to
> `shadowconfig on'/`shadowconfig off' like we have for shadow
> passwords.
Yes, that would be a concern.
I assume that it's possible to validate both ways at once (i.e., have
a passwd file with some md5 passwords and some `legacy' passwords),
and have the passwd set new or changed passwords in the currently
selected password format?
Reply to: