Date: Wed, 10 Jan 2001 13:49:20 +0100 From: Frank Bartels <knarf@camelot.de> To: Kal Torak <kaltorak@quake.com.au> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: NODESCRYPTLINKS=true Message-ID: <20010110134920.N34155@camelot.de> In-Reply-To: <3A5C4DB9.1C9F0949@quake.com.au>; from kaltorak@quake.com.au on Wed, Jan 10, 2001 at 10:55:37PM %2B1100 References: <20010110122150.A95886@camelot.de> <3A5C4DB9.1C9F0949@quake.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
--SuSGaIqs99hP22V3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Heya Kal, On Wed, Jan 10, 2001 at 10:55:37PM +1100, Kal Torak wrote: > Frank Bartels wrote: > > we still use DES passwords on our system. If I do a make world > > (4.2-STABLE), the libcrypt links in /usr/lib are replaced by ones > > to libscript. I found NODESCRYPTLINKS=3Dtrue in /etc/defaults/make.conf > > and have put it into /etc/make.conf. But the links still get > > replaced. > >=20 > > The bad thing is, I cannot login after a reboot. I _think_ libscrypt > > was able to detect des/md5 passwords in 3.x and logins were still > > possible. > >=20 > > Is there a complete documentation about libcrypt, libscrypt, > > libdescrypt, passwd_format=3Ddes and the upgrading procedure from > > 3.x to 4.x? >=20 > Hmmm, did you cvsup and install the crypto dists? They used to be > export restricted until recently so if you have an old sup file > it probably dosent get them... I've installed 4.2-RELEASE (bin+crypto), took the stable-supfile from /usr/share/examples/cvsup and changed the host and compress lines, cvsupped (from my own cvsup-mirror) and ran make world. As I understand, there is no longer a separated crypto tree. My own cvsup-mirror seems to be okay, as running cvsup -h cvsup.de.freebsd.org does not make changes to my local source tree. > If the crypto dist is installed the default password scheme used > is DES, but the system should be able to understand both DES and > MD5 passwords... I know it should, but it does not. > /usr/src/UPDATING is a good place to find out about the procedure... The information is not really helpful for my problem (I check UPDATING often). So there are still two questions: - why are the links replaced? - why does my libscrypt not understand DES passwords? My make.conf says: NODESCRYPTLINKS=3Dtrue # do not replace libcrypt -> libscrypt links NOPROFILE=3D true # Avoid compiling profiled libraries MAKE_IDEA=3D YES # IDEA (128 bit symmetric encryption) USA_RESIDENT=3D NO Bye, Knarf --=20 Frank Bartels | Tel: +49-89-849308-0 | CameloT - Der "sagenhafte" knarf@camelot.de | http://www.camelot.de/ | Internet-Provider --SuSGaIqs99hP22V3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQEVAwUBOlxaUP1lXGS2C2FpAQEkzQf/YqxzaHEcQJ3ZF+7C+IiJRIscqxb6MvH5 hGZn6VGebq/gK/J29/txnY4mXhOfowJImwYlSm0DHKk5S7/obB7ckogUYGjiHl/N GFcNRhTOC9BzsvPIozkxIGPsgYsuOkAvHEj5V3TANd1blnLLVZ1K5P7SEJ65vns2 fGfbkrEW5lbqGXnyrNDSDu8YuJlbWcKyHpDxiL5gh6R26Xxo/MuRL8JZtWsGEvZH 1m2LdZZoc8sgHH9lDV6OsEPK4+Gpa9RoMo95w5Gj9wI+WMxLUdG5yzyyCFp5okF3 xzxR5p67J28qqaR4H+y8yg03jg+6blGruUH50h38Y6QK406IX8Y+eA== =yVGf -----END PGP SIGNATURE----- --SuSGaIqs99hP22V3-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010110134920.N34155>