Re: Default password hash
On 2012-06-09 00:01, Robert Simmons wrote:
> On Fri, Jun 8, 2012 at 9:06 AM, Maxim Khitrov <max@mxcrypt.com>
> wrote:
>> On Fri, Jun 8, 2012 at 8:51 AM, Dag-Erling Sm繪rgrav <des@des.no>
>> wrote:
>>> We still have MD5 as our default password hash, even though
>>> known-hash
>>> attacks against MD5 are relatively easy these days. 슠We've
>>> supported
>>> SHA256 and SHA512 for many years now, so how about making SHA512
>>> the
>>> default instead of MD5, like on most Linux distributions?
>>
>> If SHA-2 hashes have been supported for many years, why haven't the
>> man pages been updated? login.conf(5) on 9.0-RELEASE still only
>> lists
>> "des", "md5", and "blf". I've been using the latter on my systems.
>
> Yes, I think at least listing all the supported algorithms in the
> login.conf man page is of utmost importance. I've been using
> blowfish
> since it was introduced to FreeBSD over 12 years ago, but I had no
> idea that any other algorithms were possible/available until now.
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe@freebsd.org"
it was listed with 9.0, change /etc/login.conf from md5 to sha512 and
then cap_mkdb /etc/login.conf and then passwd root/users for effect. as
a previous post im not sure the /etc/auth.conf is necessary.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 13 之 47 篇):