From owner-freebsd-questions Mon Apr 3 22:53: 0 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from cytosine.dhs.org (cx272244-a.orng1.occa.home.com [24.1.177.149]) by hub.freebsd.org (Postfix) with ESMTP id E76E837B758 for ; Mon, 3 Apr 2000 22:52:56 -0700 (PDT) (envelope-from bhishan@cytosine.dhs.org)
Received: (from bhishan@localhost) by cytosine.dhs.org (8.10.0/8.10.0) id e345qpr01384; Mon, 3 Apr 2000 22:52:51 -0700 (PDT)
From: Bhishan Hemrajani
Message-Id: <200004040552.e345qpr01384@cytosine.dhs.org>
Subject: Re: only 8 chars of password needed to login
In-Reply-To: <20000404012607.A623@rjk191.rh.psu.edu> from Ray Kohler at "Apr 4, 2000 01:26:07 am"
To: rjk191@psu.edu
Date: Mon, 3 Apr 2000 22:52:51 -0700 (PDT)
Cc: freebsd-questions@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL61 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Is there any way to make it use md5 passwords as the default?

--bhishan

> On Mon, Apr 03, 2000 at 09:48:13PM -0700, Bhishan Hemrajani wrote:
> > I have a problem with users' passwords on my
> > system. I'm not sure if it is an error in my
> > setting up FreeBSD, or a security hole.
> >
> > What happens is, I set a password for a user
> > that is 10chars long. But, when I login, I can
> > just enter 8chars and anything after that, or just
> > the 8chars and it will let me log in.
>
> The reason for this is that you are using DES passwords. The 8
> character limit is a function of that system. If you want to fix it,
> do this: Use vipw (as root) to open /etc/passwd. For each account
> that you want to fix, add the string "$1$" to the beginning of the
> encrypted password string. Quit vipw, and then run passwd to set the
> right password for each user you changed. The reason this works is
> that the crypt library searches for the string "$1$" at the
> beginning of the password to figure out if it is md5. Once you put
> it there once, the system will preserve it, thus allowing you to use
> md5 passwords (which can be longer than 8 characters).
>
> --
> Ray Kohler
> When you're not looking at it, this fortune is written in FORTRAN.
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
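
The quoted reply says the crypt library recognizes md5 by a leading "$1$". As an added example that is not part of the original thread, this Python script classifies the password field of passwd-format lines by that rule and lists the accounts still holding 13-character DES hashes, which are the ones that accept any password matching in the first 8 characters. The sample entries and function names are constructed for illustration, and reporting other "$"-prefixed values as a separate scheme goes beyond what the thread covers.

```python
import re

# Traditional DES crypt(3) output: 2 salt characters followed by 11 hash
# characters, all drawn from the alphabet ./0-9A-Za-z (13 characters total).
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")


def classify(hash_field):
    """Return the scheme implied by the format of a stored password field."""
    if hash_field == "":
        return "empty"                 # no password set at all
    if hash_field.startswith("$1$"):
        return "md5"                   # the prefix the thread describes
    if hash_field.startswith("$"):
        return "other-modular"         # some other "$id$" scheme (assumption)
    if DES_RE.match(hash_field):
        return "des"                   # only the first 8 characters count
    return "locked-or-unknown"         # e.g. "*" for accounts with no login


def audit(passwd_text):
    """Return a list of (user, scheme) for each colon-separated entry."""
    findings = []
    for line in passwd_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue                   # malformed line, nothing to classify
        findings.append((fields[0], classify(fields[1])))
    return findings


def des_accounts(passwd_text):
    """Names of accounts whose stored hash is still traditional DES."""
    return [user for user, scheme in audit(passwd_text) if scheme == "des"]


# Constructed sample in passwd layout; the hashes are made up, not real.
SAMPLE = """\
# constructed entries for illustration
root:$1$abcdefgh$0123456789ABCDEFGHIJKL:0:0::0:0:Charlie &:/root:/bin/csh
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
alice:abJnggxhB/yJk:1001:1001::0:0:Alice:/home/alice:/bin/sh
bob:$1$abJnggxhB/yJk:1002:1002::0:0:Bob:/home/bob:/bin/sh
"""

if __name__ == "__main__":
    for user, scheme in audit(SAMPLE):
        print(f"{user:8} {scheme}")
```

The `bob` entry models an account after the "$1$" prefix was added in vipw but before passwd was run to set the password again.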