Re: Security trough paranoia

To: debian-devel@lists.debian.org
Subject: Re: Security trough paranoia
From: Matt Zimmerman <mdz@debian.org>
Date: Sun, 1 Apr 2001 03:47:57 -0400
Message-id: <[🔎] 20010401034755.E28925@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 84lmplw2di.fsf@snoopy.apana.org.au>; from bam@debian.org on Sun, Apr 01, 2001 at 04:38:49PM +1000
References: <20010330163354.A10286@bmrb.wisc.edu> <Pine.LNX.4.30.0103301643560.5180-100000@tennyson.netexpress.net> <20010330182728.A10695@bmrb.wisc.edu> <yttelvewxjr.fsf@gilgamesh.cse.ucsc.edu> <20010331163420.B994@korn.ch> <20010401005324.C28925@alcor.net> <[🔎] 84lmplw2di.fsf@snoopy.apana.org.au>

On Sun, Apr 01, 2001 at 04:38:49PM +1000, Brian May wrote:

> >>>>> "Matt" == Matt Zimmerman <mdz@debian.org> writes:
> 
>     Matt> Is there any (currently implemented) way to switch from
>     Matt> crypt to md5, supporting crypt passwords already in the
>     Matt> database, but adding new passwords using md5?  This would
>     Matt> allow administrators to make a smooth transition.
> 
> I believe that is the only way supported.
> 
> ie. either password can be read from the file, but by default only
> crypt is written. This default can be changed by editing the PAM
> files.

In that case, the only reason not to use md5 passwords by default is if the
system in question is a NIS _server_, not a client as has been implied before.
I agree that md5 should be the default.

-- 
 - mdz

Reply to:

Follow-Ups:
- md5 default (was Re: Security trough paranoia)
  - From: Joey Hess <joeyh@debian.org>

References:
- Re: Security trough paranoia
  - From: Brian May <bam@debian.org>

Prev by Date: Re: Security trough paranoia
Next by Date: Re: Security trough paranoia
Previous by thread: Re: Security trough paranoia
Next by thread: md5 default (was Re: Security trough paranoia)
Index(es):
- Date
- Thread