Subject: Re: default passwd.conf file
To: Steven M. Bellovin <>
From: Lubomir Sedlacik <>
List: tech-security
Date: 04/14/2002 16:30:58
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


On Sun, Apr 14, 2002 at 10:11:41AM -0400, Steven M. Bellovin wrote:
> In message <>, Andrew Brown
> writes:
> >
> > Incidentally, why isn't this in login.conf instead?=20
> >
> > Is there some reason to have NetBSD's login.conf be different from
> > other login.conf implementations for just how passwords are stored?
> I've been asking that for a *long* time.  I haven't yet seen a
> satisfactory answer, either.
> [...]=20
> Also (and as noted by others) there are other things in NetBSD's
> login.conf that only affect passwd, such as passwordtime and
> minpasswordlen.

but that's something different, because you define login *classes* in
login.conf and thus you can specify different passwordtime and
minpasswordlen for different users.

i don't think there is a reason to put this into login.conf because it
has nothing to do with login classes, it defines *system* behaviour wrt
password encryption algorithm.


-- Lubomir Sedlacik <>   ASCII Ribbon campaign against  /"\=
--                  <>   e-mail in gratuitous HTML and  \ /=
--                                       Microsoft proprietary formats   X =
-- PGPkey:                                  / \=
-- Key Fingerprint: DBEC 8BEC 9A90 ECEC 0FEF  716E 59CE B70B 7E3B 70E2     =

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see