Re: Which password cipher ?

To: "current-users%netbsd.org@localhost" <current-users%NetBSD.org@localhost>
Subject: Re: Which password cipher ?
From: Joerg Sonnenberger <joerg%britannica.bec.de@localhost>
Date: Thu, 2 Dec 2010 00:15:38 +0100

On Wed, Dec 01, 2010 at 06:07:39PM -0500, Thor Lancelot Simon wrote:
> On Thu, Dec 02, 2010 at 12:02:32AM +0100, Joerg Sonnenberger wrote:
> > 
> > It discusses some of the possible attack vectors. IMO we should make the
> > Blowfish or SHA1 based cypher the default and not ask. The only case
> 
> Then it should be SHA1, because that's the only choice various standards
> will allow (the only Approved underlying cryptographic algorithm).

Agreed. Both allow variable number of rounds to increase the time
required.

> 
> The problem is NIS.  There interoperability is a real issue, and we
> probably do need to ask.

See C&P of master.passwd :) I think it only matters on the master and
only for !root accounts. So you have enough time to choose a different
cipher after installation.

Joerg

References:
- Which password cipher ?
  - From: Joel Carnat
- Re: Which password cipher ?
  - From: Steven Bellovin
- Re: Which password cipher ?
  - From: Joerg Sonnenberger
- Re: Which password cipher ?
  - From: Thor Lancelot Simon

Prev by Date: Re: Which password cipher ?
Next by Date: Re: amd64 -current has been borked on my ASUS laptop for at least a few weeks. Suggestions wanted.
Previous by Thread: Re: Which password cipher ?
Next by Thread: Re: Which password cipher ?
Indexes:

Home | Main Index | Thread Index | Old Index