From owner-freebsd-current  Fri Jan 22 06:51:44 1999
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id GAA24419
          for freebsd-current-outgoing; Fri, 22 Jan 1999 06:51:44 -0800 (PST)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from ipt2.iptelecom.net.ua (ipt2.iptelecom.net.ua [195.123.29.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA24399
          for <current@FreeBSD.ORG>; Fri, 22 Jan 1999 06:51:38 -0800 (PST)
          (envelope-from sobomax@altavista.net)
Received: from vega.pfts.com (async2-53.iptelecom.net.ua [195.123.29.118])
	by ipt2.iptelecom.net.ua (8.8.8/8.8.8) with ESMTP id QAA27109;
	Fri, 22 Jan 1999 16:51:21 +0200 (EET)
	(envelope-from sobomax@altavista.net)
Received: from altavista.net (big_brother [192.168.1.1])
	by vega.pfts.com (8.9.1/8.9.1) with ESMTP id QAA29335;
	Fri, 22 Jan 1999 16:51:14 +0200 (EET)
	(envelope-from sobomax@altavista.net)
Message-ID: <36A8907C.828FE9AF@altavista.net>
Date: Fri, 22 Jan 1999 16:51:40 +0200
From: Maxim Sobolev <sobomax@altavista.net>
X-Mailer: Mozilla 4.5 [en] (WinNT; I)
X-Accept-Language: ru,en
MIME-Version: 1.0
To: Sheldon Hearn <axl@iafrica.com>
CC: current@FreeBSD.ORG
Subject: Re: WARNING: Today's current breaks passwords
References: <437.917015124@axl.noc.iafrica.com>
Content-Type: text/plain; charset=x-user-defined
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Maybe your have switched between hashing modes (DES->MD5 or MD5->DES)?
Because hashing algorithms doesn't changing without a wide notification has
been made. Please check handbook on this subj.

Maxim

Sheldon Hearn wrote:

> This may or may not affect you.
>
> Today's installworld broke passwords for me. By that, I mean that login,
> xdm, su and friends gave authentication failures on all passwords for
> all users that I tried. I suspect this has to do with a hashing
> algorithm that isn't backward compatible.
>
> I used Kerberos to get into the machine as root and change important
> passwords to exactly what they were before. This worked. The new
> encrypted passwords are happy. :)
>
> I don't want to cause hysteria, and I can't guarantee that my report is
> accurate. All the same, do yourself a favour on your next installworld:
>
>         Make SURE you have an open root session somewhere. Do NOT hide
>         it behind xlock, and do NOT use lock(1) to keep it safe.
>
>         This will allow you to passwd(1) to create new encrypted
>         passwords for your users.
>
>         If you have shell accounts that need access to the box and you
>         don't want to have to rehash all their passwords, hold off on
>         installworld until someone calls me a liar, or a fix is
>         committed.
>
> Ciao,
> Sheldon.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-current" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message