Re: Security trough paranoia

To: Steve Langasek <vorlon@netexpress.net>
Cc: debian-devel@lists.debian.org
Subject: Re: Security trough paranoia
From: Joey Hess <joey@kitenet.net>
Date: Thu, 5 Apr 2001 12:43:07 -0700
Message-id: <[🔎] 20010405124307.C828@kitenet.net>
Mail-followup-to: Steve Langasek <vorlon@netexpress.net>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 986111640.3ac6de981c503@www.secureserver.com>; from vorlon@netexpress.net on Sun, Apr 01, 2001 at 01:54:00AM -0600
References: <20010330163354.A10286@bmrb.wisc.edu> <Pine.LNX.4.30.0103301643560.5180-100000@tennyson.netexpress.net> <20010330182728.A10695@bmrb.wisc.edu> <yttelvewxjr.fsf@gilgamesh.cse.ucsc.edu> <20010331163420.B994@korn.ch> <20010401005324.C28925@alcor.net> <[🔎] 986111640.3ac6de981c503@www.secureserver.com>

Steve Langasek wrote:
> file upon password change will be md5. If you don't want to wait for users
> to change their passwords before the hashes are changed, a little bit of
> hacking inside pam_unix would allow the shadow file to be updated whenever
> a user authenticates successfully. c.f. pam_krb5_migrate and pam_smbpass.

Cool idea; if anyone gets it to work, please provide a HOWTO.

-- 
see shy jo, who has many of his user's passwords marked expired right
            now, to force conversion to md5

Reply to:

Follow-Ups:
- Re: Security trough paranoia
  - From: Brian May <bam@debian.org>

References:
- Re: Security trough paranoia
  - From: Steve Langasek <vorlon@netexpress.net>

Prev by Date: Re: Task-harden
Next by Date: Re: md5 default (was Re: Security trough paranoia)
Previous by thread: Re: Security trough paranoia
Next by thread: Re: Security trough paranoia
Index(es):
- Date
- Thread