Subject: Re: default passwd.conf file
To: None <>
From: gabriel rosenkoetter <>
List: tech-security
Date: 04/13/2002 17:54:19
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

> On 13 Apr 2002, Perry E. Metzger wrote:

On Sat, Apr 13, 2002 at 01:49:18PM -0700, Jeremy C. Reed wrote:
> Sounds good to use md5 by default.

I agree.

> What about making it the default for pw_getconf(3) instead?

Good call.

> (And not having a /etc/passwd.conf in place by default.)

Bad call.

The point of passwd.conf is that it's configurable. And if somebody
comes up with a better cipher than md5, we wouldn't want to have to
recompile everything just to play with it in our own passwd files,
now would we?

gabriel rosenkoetter

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see