Re: bin/46226: underscore character ignored at the end of password

To: gnats-bugs%NetBSD.org@localhost
Subject: Re: bin/46226: underscore character ignored at the end of password
From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Date: Mon, 19 Mar 2012 12:53:25 +0100

On Mon, Mar 19, 2012 at 11:20:06AM +0000, David Holland wrote:
>  On Mon, Mar 19, 2012 at 10:40:05AM +0000, Manuel Bouyer wrote:
>   >  I think that, by default, localcipher is 'old'. With this cipher, only
>   >  the 8 first characters of password are used. So in your test case,
>   >  it's the 9th caracter which is ignored, whatever it is.
>  
>  If so, is there any reason we shouldn't change that? Neither the old
>  cipher nor 8-character passwords are a very good choice these days.

AFAIK sysinst will choose sha1 cipher by default, and install an
appropriate passwd.conf. I'm not sure changing existing passwd.conf on
upgrade, nor changing the default cipher when no passwd.conf is
present is a good idea. This could give unexpected results for
users upgrading an existing system.

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

References:
- Re: bin/46226: underscore character ignored at the end of password
  - From: David Holland

Prev by Date: port-i386/46227: Opera shows garbage in Google mail
Next by Date: Re: bin/46226: underscore character ignored at the end of password
Previous by Thread: Re: bin/46226: underscore character ignored at the end of password
Next by Thread: Re: bin/46226: underscore character ignored at the end of password
Indexes:

Home | Main Index | Thread Index | Old Index