Re: Security trough paranoia

To: debian-devel@lists.debian.org
Subject: Re: Security trough paranoia
From: Matt Zimmerman <mdz@debian.org>
Date: Sun, 1 Apr 2001 00:53:26 -0500
Message-id: <[🔎] 20010401005324.C28925@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20010331163420.B994@korn.ch>; from arthur@korn.ch on Sat, Mar 31, 2001 at 04:34:20PM +0200
References: <[🔎] 20010330163354.A10286@bmrb.wisc.edu> <[🔎] Pine.LNX.4.30.0103301643560.5180-100000@tennyson.netexpress.net> <[🔎] 20010330182728.A10695@bmrb.wisc.edu> <[🔎] yttelvewxjr.fsf@gilgamesh.cse.ucsc.edu> <[🔎] 20010331163420.B994@korn.ch>

On Sat, Mar 31, 2001 at 04:34:20PM +0200, Arthur Korn wrote:

> Ben Gertzfield schrieb:
> > How exactly are you proposing to keep change shadow passwords back and
> > forth from MD5 without having the user re-input every password?
> > 
> > This is Very Hard to Do. :)
> 
> The switch from crypt to md5 is not that hard, given
> sufficiently bad passwords (which _many_ users have). :)

Is there any (currently implemented) way to switch from crypt to md5,
supporting crypt passwords already in the database, but adding new passwords
using md5?  This would allow administrators to make a smooth transition.

-- 
 - mdz

Reply to:

References:
- Re: Security trough paranoia
  - From: dmaziuk@bmrb.wisc.edu (Dimitri Maziuk)
- Re: Security trough paranoia
  - From: Steve Langasek <vorlon@netexpress.net>
- Re: Security trough paranoia
  - From: dmaziuk@bmrb.wisc.edu (Dimitri Maziuk)
- Re: Security trough paranoia
  - From: Ben Gertzfield <che@debian.org>
- Re: Security trough paranoia
  - From: Arthur Korn <arthur@korn.ch>

Prev by Date: Looking for Raphael Bossek <bossekr@debian.org>
Previous by thread: Re: Security trough paranoia
Next by thread: Re: Security trough paranoia
Index(es):
- Date
- Thread