On Fri, Apr 28, 2000 at 09:21:43AM +0700, Oki DZ wrote: > BTW, does anyone use MD5 for /etc/shadow? I'd like to use it, but how do > "migrate" from crypt() to MD5? I don't think that just changing the entry > in the config file (/etc/login.conf?) would be sufficient. if your using slink changing /etc/login.conf is all it takes, but you are right that it won't instantly convert all your crypted passwords into md5, that is impossible since crypted passwords are not reversable (unless you use QNX hehe) however the next time any user runs /usr/bin/passwd thier new password will be in md5 format. don't worry though crypted passwords will still work with md5 enabled, activating md5 does not suddendly make all crypted passwords in /etc/shadow invalid. if your using PAM then sprinkle `md5' after any password line in the /etc/pam.d/* files (login, ssh, passwd..) personally i want Blowfish encrypted passwords like my OpenBSD box but linux does not support that :( OpenBSD lets me up the rounds on Blowfish passwords so high that it takes minutes or hours to login ;-) -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpsW0UZNYxkw.pgp
Description: PGP signature