Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy)
On 05/27/2013 04:23 PM, Andreas Meile wrote:
> Hello Chris
>
> ----- Original Message ----- From: "Chris Davies" <chris@roaima.co.uk>
> To: <debian-user@lists.debian.org>
> Sent: Monday, May 27, 2013 2:54 PM
> Subject: Re: /etc/shadow password hash format (migration from SuSE 9.3
> to Debian Wheezy)
>
>
>> man 3 crypt contains a NOTES section that identifies the ID and describes
>> its format. Specifically, $6$salt$encrypted is SHA-512.
>
> Thanks for the hint. Already done:
>
>> ID | Method
>> ---------------------------------------------------------
>> 1 | MD5
>> 2a | Blowfish (not in mainline glibc; added in some
>> | Linux distributions)
>> 5 | SHA-256 (since glibc 2.7)
>> 6 | SHA-512 (since glibc 2.7)
>
> So this lights out the situation: While SuSE 9.3 used Blowfish as
> extended password encryption method, Debian Wheezy uses SHA-512 for
> that. A short view inside older Linux boxes: Squeeze also uses SHA-512,
> and Lenny uses MD5 according this table.
>
> A "apt-cache search blowfish" shows me a lot of Blowfish related
> packages. So is there one on it which extends the login authentication
> routine also to process Blowfish hashes in /etc/shadow or is that a much
> more complicate procedure (compiling a new kernel for example)?
>
> Andreas
Hi Andreas,
I think man login.defs will bring some light on the problem.
Regards,
Alex
Reply to: