[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Changing to MD5 shadow passwords?

----- Original Message -----
From: "Ethan Benson" <erbenson@alaska.net>
To: <debian-user@lists.debian.org>
Sent: Monday, March 19, 2001 5:50 PM
Subject: Re: Changing to MD5 shadow passwords?

        md5 hashes should work regardless of what hash passwd will create.
        however some time ago it was discovered that pam created bogus md5
        hashes due to an endianess bug, backward compatability was retained
        for awhile but it might be gone now.

How would I upgrade if I had a broken pam?
Could anyone point me to some docs on this.  I really don't want to have to
try and upgrade to RH7 -- debian is much smoother in upgrading.  And RH7
would probably break under the bogus md5's anyway right?

    also you can't just drop redhat passwd files onto debian, you will
    break your system.  you can only take the ordinary user accounts from
    redhat and add them to the debian passwd files.  that is uids above
    500 from redhat are ok, any uid below 500 is not.

How badly would it break?  Could I fix it easier than having to rebuild
hundreds of users and get them to reset all their passwords.
Reply to: