NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: bin/46226: underscore character ignored at the end of password
The following reply was made to PR bin/46226; it has been noted by GNATS.
From: Matthew Mondor <mm_lists%pulsar-zone.net@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc:
Subject: Re: bin/46226: underscore character ignored at the end of password
Date: Mon, 19 Mar 2012 08:21:46 -0400
On Mon, 19 Mar 2012 13:57:44 +0200
Wladimir Sidorenko <wlsidorenko%gmail.com@localhost> wrote:
> The whole new password was considered including the 9-th character. I beg
> your pardon for this trouble. Unfortunately I couldn't find any mention of
> this limitation neither in man page for passwd nor for passwd.conf. A
> friend of mine told me that this limit could have been mentioned during the
> installation procedure. But I can't remember now whether it was.
If you installed using the installer, I'm surprised that old was the
default, however.
But this topic was recently discussed on IRC and it seems that most
people would prefer sysinst to stop asking which cipher to use in the
future and default to sha1.
I think that I agree, as crypt(3) is backwards-compatible (supports
various hash types and can recognize them), and someone who wants to
generate a password database for an old or specific system can do so by
manually configuring passwd.conf(5).
However, it seems that for some modern systems the default number of
rounds is small. Raising this would however affect login performance
considerably on slow systems, though. I wonder if it'd make sense to
consider using a bogomips type heuristic in sysinst to set a decent
value...
--
Matt
Home |
Main Index |
Thread Index |
Old Index