Subject: Re: PROPOSAL: adding capability for blowfish passwords
To: Steven M. Bellovin <smb@research.att.com>
From: None <xs@kittenz.org>
List: current-users
Date: 05/24/2002 11:46:11
on Thu, May 23, 2002 at 11:22:51PM -0400, Steven M. Bellovin wrote:
> One other point I should mention: the code fragment I sketched had an
> optional site-specific field. Today's algorithm encrypts a constant
> block, which makes hashed passwords portable. That isn't necessarily
> an advantage, since it lets an attacker combine password files from
> multiple sites for a single cracking run. The variant allows site
> administrators to change that.
>
> Where to store this string is an open issue.
Is there any harm in storing it in /etc/passwd.conf?
e.g.,

    default:
        localcipher = sha512[,rounds[,site-salt]]
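
Added example, not part of the original message or of any NetBSD code: it parses the `localcipher = sha512[,rounds[,site-salt]]` form proposed above and shows the effect of the site-specific field on hash portability. PBKDF2-HMAC stands in for the algorithm under discussion, which the thread does not spell out; the way the site string is mixed in, the default round count and all function names are assumptions.

```python
import hashlib

DEFAULT_ROUNDS = 1000  # assumed default for this sketch; the thread names none


def parse_localcipher(value):
    """Parse 'name[,rounds[,site-salt]]' into (name, rounds, site_salt)."""
    parts = [p.strip() for p in value.split(",", 2)]
    name = parts[0]
    if name not in hashlib.algorithms_available:
        raise ValueError(f"unknown digest: {name!r}")
    rounds = DEFAULT_ROUNDS
    if len(parts) > 1 and parts[1]:
        rounds = int(parts[1])
        if rounds < 1:
            raise ValueError("rounds must be positive")
    site_salt = parts[2] if len(parts) > 2 else ""
    return name, rounds, site_salt


def hash_password(password, user_salt, localcipher):
    """Hash with the per-user salt plus the optional site-specific string."""
    name, rounds, site_salt = parse_localcipher(localcipher)
    # Length-prefix the user salt so (salt, site) pairs cannot collide.
    salt = len(user_salt).to_bytes(2, "big") + user_salt + site_salt.encode()
    return hashlib.pbkdf2_hmac(name, password.encode(), salt, rounds).hex()


def same_hash_at_both_sites(conf_a, conf_b, password="correct horse",
                            user_salt=b"ab"):
    """True when one password guess yields the stored hash at both sites."""
    return (hash_password(password, user_salt, conf_a)
            == hash_password(password, user_salt, conf_b))


if __name__ == "__main__":
    # Constructed settings: no site string vs. a distinct string per site.
    print("portable:", same_hash_at_both_sites("sha512,1000", "sha512,1000"))
    print("site-specific:",
          same_hash_at_both_sites("sha512,1000,site-a", "sha512,1000,site-b"))
```

With no site string, a user salt that happens to repeat across two password files yields the same hash for the same password at both sites; a per-site string makes the hashes differ, so work done against one file does not carry over to the other.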