bin/65557: passwd uses passwd_format of default login class
Bernard Buri
bsd at ask-us.at
Thu Apr 15 01:10:21 PDT 2004
>Number: 65557
>Category: bin
>Synopsis: passwd uses passwd_format of default login class
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 15 01:10:20 PDT 2004
>Closed-Date:
>Last-Modified:
>Originator: Bernard Buri
>Release: 5.2.1-RELEASE-p3
>Organization:
ask!
>Environment:
FreeBSD ***hostname*** 5.2.1-RELEASE-p3 FreeBSD 5.2.1-RELEASE-p3 #6: Fri Mar 26 02:07:00 CET 2004 root@***hostname***:/usr/obj/usr/src/sys/BABYLON i386
>Description:
Setting up a login class in /etc/login.conf with a different passwd_format than the default class (e.g. blf instead of md5) will work now with the adduser script.
But when the user attempts to change his password via the passwd utility, this will generate an md5 password because it uses the format of the default login class.
>How-To-Repeat:
as root:
edit /etc/login.conf: remove comments from last entry (des_users)
update the database: cap_mkdb -v /etc/login.conf
change your class: chpass -> Class: des_users
change your password: passwd
look a the encoded password: chpass
you can see that the password starts with $1... (md5)
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list