Hi, On Wednesday 02 November 2005 09:04, Christian Perrier wrote: > The attached patch documents the password preseeding, including the "new" > ways to preseed passwords as of shadow 4.0.13-1, which is now in testing. Thanks. > I'm not very used to the writing style of the Installation Guide. This is > why I did not commit the change immediately as it probably needs a review. Looked good to me, besides this: Three remarks about the 2nd paragraph: (quoted now for easier reference) +<para condition="etch"> +The passwords can also be preseeded as MD5 <emphasis>hashes</emphasis> +by using the <classname>passwd/root-password-crypted</classname> and +<classname>passwd/user-password-crypted</classname> variables. Thihs +method is considered slightly better in terms of security but not +completely proof as well because physical access to a MD5 </para> hash +allows for brute force attacks. Some people even consider this method +can be less secure as it may give a false sense of security. +</para> 1. typo: Thihs 2. s/Some people even consider this method can be less secure as it may give a false sense of security./Some people consider this method problematic as it may give a false sense of security./ Maybe its even sensible to write it even shorter: "This method is considered slightly better in terms of security but it might also give a false sense of security because physical access to a MD5 hash allows for brute force attacks." 3. I believe the </para> after the 2nd MD5 is wrong. regards, Holger
Attachment:
pgp0kFsQMHqsB.pgp
Description: PGP signature