Subject: Re: Longer passwords
To: None <tech-security@netbsd.org>
From: Andrew Doran <ad@netbsd.org>
List: tech-security
Date: 09/26/2000 13:35:01
  by mail.netbsd.org with SMTP; 28 Sep 2000 07:58:17 -0000
	by wombat.cs.rmit.edu.au (8.9.3/8.9.3/cshub) id SAA03819
	for tech-security@netbsd.org; Thu, 28 Sep 2000 18:58:13 +1100 (EST)
Approved: eat-raw-chocolate
Date: Tue, 26 Sep 2000 13:35:01 +0000
From: Andrew Doran <ad@netbsd.org>
To: tech-security@netbsd.org
Subject: Re: Longer passwords
Message-ID: <20000926133500.A26577@amnesiac.corp.digex.com>
References: <39C277982A5.6FF4ADMIN@mail.cordef.com.pl> <20000917160757.A10312@antioche.eu.org> <20000917234116.222904@proven.weird.com> <20000918165626.C53834@netbsd.org> <20000918200149.3A9F64@proven.weird.com> <969973101.26426@maschndrohtzaun.emsi.priv.at>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <969973101.26426@maschndrohtzaun.emsi.priv.at>; from mjl@nospam.office.emsi.priv.at on Tue, Sep 26, 2000 at 12:58:21PM +0000

"Martin J. Laubach" <mjl@nospam.office.emsi.priv.at> wrote:

> I really think that the password algorithm selection should go into
> login.conf, as there is prior art (Free and BSDI do it, don't know about
> Open).

passwd.conf differentiates between YP and local passwords - this is one of
the major reasons it was integrated. It's not clear as to how it should be
dealt with using login.conf; how does BSD/OS handle it?

FTR passwd.conf came from OpenBSD.