MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we
configure SHA1 in /etc/login.conf?
O. Hartmann
ohartman at mail.zedat.fu-berlin.de
Thu Jan 8 23:02:48 UTC 2009
Mike Tancsa wrote:
> At 04:45 PM 1/3/2009, O. Hartmann wrote:
>
>> followed by a obligatory "cap_mkdb" seems to do something - changing
>> root's password results in different hashes when selecting different
>> hash algorithms like des, md5, sha1, blf or even sha256.
>>
>> Well, I never digged deep enough into the source code to reveal the
>> magic and truth, so I will ask here for some help. Is it possible to
>> change the md5-algorithm by default towards sha1 as recommended after
>> the md5-collisions has been published?
>
> Are you sure sha1 is supported ? It looks like if you put in something
> not understood in the login.conf file, it defaults to what appears to
> be DES.
>
> ---Mike
>
>> Thanks in advance,
>> Oliver
Yes, you're absolutely right, I figured this also out after I tried evey
possible hashing alogrithmen mentioned in the manpage. I use 'blf' now.
Regards,
Oliver
More information about the freebsd-security
mailing list