[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

md5 default (was Re: Security trough paranoia)

Package: passwd

Matt Zimmerman wrote:
> In that case, the only reason not to use md5 passwords by default is if the
> system in question is a NIS _server_, not a client as has been implied before.
> I agree that md5 should be the default.

Ok, I think passwd should be updated to change it to the default
(base-config used to ask the question; passwd does now; and the default
is currently not to turn on md5). It looks like the consensus of this
thread is that enabling md5 passwords makes sense on all systems that
are not NIS servers; so the template should probably be changed to:

Template: passwd/md5
Type: boolean
Default: true
Description: Shall I enable md5 passwords?
 Md5 passwords are more secure and allow for passwords longer than 8
 characters to be used. However, they can cause compatibility problems if
 used on NIS servers or if you are sharing password files with older systems. 

see shy jo

Reply to: