Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 07 Apr 1999 16:46:46 +0800
From:      adrian@freebsd.org
To:        Anders Andersson <anders@sanyusan.se>
Cc:        freebsd-current@freebsd.org
Subject:   Re: DES from source? 
Message-ID:  <19990407084647.29003.qmail@ewok.creative.net.au>
In-Reply-To: Your message of "Wed, 07 Apr 1999 10:51:26 %2B0200." <19990407105126.A6886@sanyusan.se>
next in thread | previous in thread | raw e-mail | index | archive | help 
Anders Andersson writes:
>* Dag-Erling Smorgrav (des@flood.ping.uio.no) [990403 17:33]:
>
>> Existing MD5 passwords will still work. New users will get DES
>> passwords.
>
>Thanks, but how do I get all my "old" users to use DES crypted passwords?

Well, the short answer is 'you get them to change their password' .
Which is true - you can't take an MD5 hash and turn it into a DES crypt,
you'll need their cleartext password first.

There are ways of achieving this in a large extent without their knowledge -
firstly run crack, see what cleartext passwords you get. That is the easiest.
My favourite though is to modify a daemon that uses cleartext authentication
(say login, or the pop3 server you're using) to log sucessful attempts to a file
which you can then troll for people's cleartext passwords, convert them to DES,
and then only ask the few people left for a new password.

>Maybe I just should purify my network to loose those DES boxes and run
>FreeBSD md5 native only, that would be more secure and faster right?

It depends entirely on the setup. I run DES purely because I have solaris
and Digital UNIX boxen running DES.

>Not necessary at all to use the crypt and secure dirs in /usr/src right?
>If you dont need DES crypt that is, or is there any other advantage?
>
>I hope not, because then I will be happy and do no more cvsup to 
>cvsup.internat.freebsd.org :-)

If you need DES then you'll have to get the sources from a non-US site.


Adrian


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990407084647.29003.qmail>