adduser and crypt
Erick Mechler
emechler at techometer.net
Tue Apr 8 06:46:42 PDT 2003
:: adduser(8) perl script uses crypt(3) to generate encrypted passwords,
:: as pointed in /usr/sbin/adduser itself. Currently in /etc/login.conf
:: password format is MD5 as default but adduser always generates encrypted
:: passwords in DES format.
Eugene, I totally agree with you, but for some reason it was decided that
/etc/login.conf wasn't a good place to store the default password scheme
for adduser. Instead, there's a facility in /etc/auth.conf to set the
crypt_default which overrides what format crypt(3) produces (it's a system
default for the crypt_set_format() call).
This works fine for adduser in producing MD5 passwords, however, it breaks
a few other things (mailman was one that I found) that expect crypt to
produce DES output (which, IMHO, it should continue to do as it has for
decades).
To address this, you can patch adduser to only produce MD5 passwords based
on the patch in a few PRs, or you can use /usr/ports/sysutils/enteruser.
http://www.freebsd.org/cgi/query-pr.cgi?pr=24439
http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/24953
Alternatively you can upgrade to 5.x since the new version of adduser
wraps itself around pw(8).
Cheers - Erick
More information about the freebsd-stable
mailing list