In message <200302091948.OAA04647@Sparkle.Rodents.Montreal.QC.CA>, der Mouse wr
ites:
>>> such as the blowfish password algorithm?
>> The passwd algortithms are not part of the kernel,
>
>Right.
>
>> NetBSD [...] supports MD5 (in addidition to the historical 3DES).
>
>The historical algorithm is DES-based, not 3DES-based.  It does use
>multiple iterations of DES, in a manner very vaguely reminiscent of
>3DES, but it's not really fair to call it 3DES-based.  (It's also a
>slightly mutated DES.)

Yes.  The justification is described in a Morris and Thompson paper 
that's supposed to be in /usr/share/doc/smm/17.password -- it would be 
very nice if it were there (hint, hint).

http://citeseer.nj.nec.com/morris79password.html has it, for those who 
can't wait...


		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)