Date: Thu, 29 Aug 1996 16:43:08 -0600 (MDT) From: Nate Williams <nate@mt.sri.com> To: Brandon Gillespie <brandon@tombstone.sunrem.com> Cc: Nate Williams <nate@mt.sri.com>, hackers@freebsd.org Subject: Re: 'Backwards' DES support for crypt(), while still using better , algo's Message-ID: <199608292243.QAA08995@rocky.mt.sri.com> In-Reply-To: <Pine.BSF.3.91.960829154946.18074B-100000@tombstone.sunrem.com> References: <199608292126.PAA08439@rocky.mt.sri.com> <Pine.BSF.3.91.960829154946.18074B-100000@tombstone.sunrem.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Brandon Gillespie writes: > On Thu, 29 Aug 1996, Nate Williams wrote: > > This is a non-standard case. Most folks have all of one or the other. > > Yes, but ONLY because we dont have any other option! > > Once again, what I am suggesting is that--WHEN USING FreeBSD-centric > password files--we have a package that you can drop in for DES passwords > WITH the FreeBSD centric format. Right now when you drop DES in DES > becomes the default, and from that point forward everything is DES, > although it will still read MD5 passwords changing a password will make > it a DES password. Right, and if you modify the default to MD5, it will still read DES and MD5 passwords and changes becomes MD5 passwords. This works *right* now. Change the default to SH5 (??) and it'll still read MD5, DES, and SH5 passwords and write out the new passwords scheme, but the idea is that we *read* everything but only write out the default. This is the way it is now. There is no need to add a special 'token' to the DES passwords for this to work. The token is used merely to recognize non-DES passwords, at which point you can use any # of tokens to use progressively more advanced encryption methods. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608292243.QAA08995>