Date: Thu, 29 Aug 1996 12:55:21 -0600 (MDT) From: Nate Williams <nate@mt.sri.com> To: Brandon Gillespie <brandon@tombstone.sunrem.com> Cc: hackers@freebsd.org Subject: Re: 'Backwards' DES support for crypt(), while still using better algo's Message-ID: <199608291855.MAA07380@rocky.mt.sri.com> In-Reply-To: <Pine.BSF.3.91.960829114926.17349C-100000@tombstone.sunrem.com> References: <Pine.BSF.3.91.960829114926.17349C-100000@tombstone.sunrem.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm working on hacking SHA-1 encryption into passwords as '$2$' (suggested > by Poul). One thought I had was on systems that have existing passwords > with DES, where they may want to use better encryption but they dont > because right now it is either all or nothing (? as far as I can tell). Or they use DES since they need it for interoperability with other OS's. > What would be nice is to have '$0$' be DES encryption, then we could still > support better encryption while also staying functional with older > passwords If I understand you correctly, this would mean that FreeBSD's DES encrypted password would be different than any other OS's DES encrypted password field. This is a bad thing IMHO, since a very common question people ask is if FreeBSD's password field is sharable with NetBSD/BSDi, OpenBSD, SunOS, etc.. If you install the secure dist (DES) converting to/from FreeBSD's format is trivial, and by changing it you are asking for trouble. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608291855.MAA07380>