Re: Which password cipher ?

To: Matthew Mondor <mm_lists%pulsar-zone.net@localhost>
Subject: Re: Which password cipher ?
From: Steven Bellovin <smb%cs.columbia.edu@localhost>
Date: Wed, 1 Dec 2010 22:28:19 -0500

On Dec 1, 2010, at 10:15 33PM, Matthew Mondor wrote:

> On Thu, 2 Dec 2010 00:02:32 +0100
> Joerg Sonnenberger <joerg%britannica.bec.de@localhost> wrote:
> 
>> Blowfish or SHA1 based cypher the default and not ask. The only case
>> where the cipher really matters (other than security against cracking)
>> is interoperability with !NetBSD systems. In that case it only matters
> 
> I think I remember seeing a prefix in the hashes so that crypt(3) knows
> what mode it is dealing with.  If that still holds, copying an old
> or alien passwd file would most probably work as-is, IMO...

Correct, but a NetBSD file with SHA1 won't work on other systems.


                --Steve Bellovin, http://www.cs.columbia.edu/~smb

References:
- Which password cipher ?
  - From: Joel Carnat
- Re: Which password cipher ?
  - From: Steven Bellovin
- Re: Which password cipher ?
  - From: Joerg Sonnenberger
- Re: Which password cipher ?
  - From: Matthew Mondor

Prev by Date: daily CVS update output
Next by Date: Re: Which password cipher ?
Previous by Thread: Re: Which password cipher ?
Next by Thread: Re: Which password cipher ?
Indexes:

Home | Main Index | Thread Index | Old Index