MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf?

Stanislav Sedov stas at
Sun Jan 4 06:25:33 UTC 2009

Hash: SHA1

On Sat, 03 Jan 2009 22:45:59 +0100
"O. Hartmann" <ohartman at> mentioned:

> MD5 seems to be compromised by potential collision attacks. So I tried
> to figure out how I can use another hash for security purposes when
> hashing passwords for local users on a FreeBSD 7/8 box, like root or
> local box administration. Looking at man login.conf reveals only three
> possible hash algorithms selectable: md5 (recommended), des and blf.
> Changing /etc/login.conf's tag
> default:\
>         :passwd_format=sha1:\
> followed by a obligatory "cap_mkdb" seems to do something - changing
> root's password results in different hashes when selecting different
> hash algorithms like des, md5, sha1, blf or even sha256.
> Well, I never digged deep enough into the source code to reveal the
> magic and truth, so I will ask here for some help. Is it possible to
> change the md5-algorithm by default towards sha1 as recommended after
> the md5-collisions has been published?

The default hash format can be configured via auth.conf(5) file. AFAIK,
md5, des, blowfish and nthash are supported currently.

BTW, I don't think that recently discovered collisions in md5 algoritm
can compromise system passwords, as crypt(3) md5 scheme doesn't store
the plain md5 sums, but result of a number of md5 computations over a
salted password string. Of course, being able to find hash collisions
can speedup the brute-force attack a bit, but this had to be proven

- -- 
Stanislav Sedov



More information about the freebsd-security mailing list