Re: Security trough paranoia

To: debian-devel@lists.debian.org
Subject: Re: Security trough paranoia
From: andrea@debian.org
Date: Sun, 1 Apr 2001 12:46:43 +0200
Message-id: <[🔎] 20010401124643.A20854@localhost>
In-reply-to: <[🔎] 986111640.3ac6de981c503@www.secureserver.com>; from vorlon@netexpress.net on Sun, Apr 01, 2001 at 01:54:00AM -0600
References: <20010330163354.A10286@bmrb.wisc.edu> <Pine.LNX.4.30.0103301643560.5180-100000@tennyson.netexpress.net> <20010330182728.A10695@bmrb.wisc.edu> <yttelvewxjr.fsf@gilgamesh.cse.ucsc.edu> <20010331163420.B994@korn.ch> <20010401005324.C28925@alcor.net> <[🔎] 986111640.3ac6de981c503@www.secureserver.com>

On Sun, Apr 01, 2001 at 01:54:00AM -0600, Steve Langasek wrote:
[...]
> Use pam_unix and turn on the 'md5' option in the passwd section of your
> pam config files. Services will still properly authenticate against
> existing crypted passwords, but all new password hashes written to the
> file upon password change will be md5. If you don't want to wait for users
> to change their passwords before the hashes are changed, a little bit of

[...]

You can also force the change of the password with the timeout
in the shadow file (working with chage(1)) 

Regards

a.f.

-- 
Andrea Fanfani 
"I worry  about my child and  the Internet all the  time, even though
she's too young to  have logged on yet. Here's what  I worry about. I
worry that  10 or  15 years  from now, she  will come  to me  and say
'Daddy, where were you when they  took freedom of the press away from
the Internet?'" -- Mike Godwin, Electronic Frontier Foundation

Reply to:

References:
- Re: Security trough paranoia
  - From: Steve Langasek <vorlon@netexpress.net>

Prev by Date: Re: Security through paranoia 2, with proposal...
Next by Date: Re: Source-Only Uploads and Packages{,.bz2}
Previous by thread: Re: Security trough paranoia
Next by thread: Re: Security trough paranoia
Index(es):
- Date
- Thread