Re: Default password hash
--RxUQJxD9bT7Ys92M
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jun 08, 2012 at 02:51:55PM +0200, Dag-Erling Sm=C3=B8rgrav wrote:
> We still have MD5 as our default password hash, even though known-hash
> attacks against MD5 are relatively easy these days. We've supported
> SHA256 and SHA512 for many years now, so how about making SHA512 the
> default instead of MD5, like on most Linux distributions?
>=20
> Index: etc/login.conf
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> --- etc/login.conf (revision 236616)
> +++ etc/login.conf (working copy)
> @@ -23,7 +23,7 @@
> # AND SEMANTICS'' section of getcap(3) for more escape sequences).
>=20
> default:\
> - :passwd_format=3Dmd5:\
> + :passwd_format=3Dsha512:\
> :copyright=3D/etc/COPYRIGHT:\
> :welcome=3D/etc/motd:\
> :setenv=3DMAIL=3D/var/mail/$,BLOCKSIZE=3DK,FTP_PASSIVE_MODE=3DYES=
:\
>=20
+1
--RxUQJxD9bT7Ys92M
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)
iEYEARECAAYFAk/R924ACgkQKc512sD3afiqJACfflg3ODaEBe71+X4LS46fkzz+
gdMAn3hEL8Hb7Q30pviOjtJqPmjqEaaA
=OxAF
-----END PGP SIGNATURE-----
--RxUQJxD9bT7Ys92M--
討論串 (同標題文章)
完整討論串 (本文為第 8 之 47 篇):