[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How I installed Sarge using netinst CD

[Dale Amon]
> I've long wondered why MD5 isn't the default. The old style Unix
> passwords were crackable 5 years ago and certainly this has not
> gotten harder! I'd think the weak password algorithm should be a
> conscious choice for insecurity rather than the default.
> How many newbies are going to know why they should say
> yes to MD5?

This problem was solved in a recent upload of the shadow package:

  shadow (1:4.0.3-9) unstable; urgency=low
     * And last, but not least, what's undoubtedly going to be the
       most popular change: md5 passwords are turned on by default,
       and there is no prompt to change them.  Yes, this is reduced
       functionality.  No, it can't go back in the way it was; the old
       code not only modified conffiles, it modified *other*packages*
       conffiles and was a massive policy violation.  I expect this
       change will motivate the people who have said that they will
       come up with a proper solution to do so.  closes: #186016,
       #110228, #171808

Reply to: