cvs commit: src/release Makefile
PeterJeremy at optushome.com.au
Wed Sep 28 12:03:14 PDT 2005
On Wed, 2005-Sep-28 15:10:19 +0200, Pawel Jakub Dawidek wrote:
>On Wed, Sep 28, 2005 at 01:46:14PM +0100, Ceri Davies wrote:
>+> On Wed, Sep 28, 2005 at 12:39:00PM +0000, Ken Smith wrote:
>+> > kensmith 2005-09-28 12:39:00 UTC
>+> > FreeBSD src repository
>+> > Modified files:
>+> > release Makefile
>+> > Log:
>+> > Add SHA256 checksums to the release build.
>+> Good idea. Along these lines, does anyone know what the barriers are
>+> in moving the default password hash from md5 to blowfish (not for
>+> RELENG_6, just in general), or has it just not been done yet?
You need to a line "crypt_default = blf" to /etc/auth.conf
That said, the blowfish magic string looks wrong - the MD5 and NT
hashes both have a training '$' but blowfish doesn't. Is this
deliberate or a typo?
>I'd really like to see us using PKCS#5v2 for system passwords at some
>point instead of home-grown hash(hash(...(x))) or encrypt(encrypt(...(x))).
As long as you can describe PKCS in a way that's compatible with the
modular crypt described in crypt(3), this is trivial.
More information about the cvs-src