tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Changing the default localcipher in passwd.conf to argon2id

> Date: Wed, 20 Oct 2021 14:37:41 -0700
> From: Alistair Crooks <>
> I think it's a good idea, BUT I'd be a lot happier if the argon2 support
> was in a regular release (I know it's just the default cipher going
> forward, but I suspect some people have got into the nasty habit of cloning
> some of /etc from git or hg - maybe even cvs? :) - repos in some places,
> and onto various vintages of hosts)

Maybe passwd(1) should have a destdir option so if you want to update
~/config/etc/master.passwd in git/hg/cvs then you can do

passwd -D ~/config/etc agc

or something and it will use ~/config/etc/passwd.conf instead of
/etc/passwd.conf to determine localcipher?

I don't think it is generally reasonable to require all /etc defaults
to work out of the box in all supported past releases -- better to
find ways to improve configuration management than to put such a
restriction on base.

Home | Main Index | Thread Index | Old Index