[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: MD5 passwords

On Sun, Apr 25, 1999 at 02:44:38PM -0400, Ben Pfaff wrote:
> Stephen Crowley <crow@debian.org> writes:
>    > Why?  Is there an advantage to MD5 passwords?  (If this is a FAQ
>    > please just point me to the appropriate FM to RT.)
>    I guess the question would be, why not? It allows unlimited password length
>    and is much harder to crack if someone does happen to get ahold of
>    /etc/shadow. 
> Do all system utilities support MD5 passwords?  Do they introduce
> incompatibilities with other OSes?

I tried doing this a while ago, and found it worked fine generally. Then one
day I had some obscure problem with a POP server -- it'd work for some users,
and not for others, and I couldn't work out for the life of me why. Turned
out the POP server didn't support md5 passwords, so I switched back.

But since we're using PAM (well, kinda) now, and since md5 passwords
are in general a Good Thing anyway, I'd think spending the time to *fix*
these programs would probably be worth while.


Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. PGP encrypted mail preferred.

``Smart, sexy, single. Pick any two (you can't have all three).''
        -- RFC 1925, paraphrased: a guide to networking in the '90s

Attachment: pgpavCfeSXDmX.pgp
Description: PGP signature

Reply to: