From owner-freebsd-current Sat Feb 26 17:59:31 2000 Delivered-To: freebsd-current@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id AB67137B675; Sat, 26 Feb 2000 17:59:29 -0800 (PST) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id RAA08297; Sat, 26 Feb 2000 17:59:29 -0800 (PST) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sat, 26 Feb 2000 17:59:28 -0800 (PST) From: Kris Kennaway To: Doug Barton Cc: current@FreeBSD.org Subject: Re: NO_DESCRYPT patch In-Reply-To: <38B88350.515F0206@gorean.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 26 Feb 2000, Doug Barton wrote: > Meanwhile, it seems that to get all the new bits we have to have > cvs-crypto in the cvsup file, yes? And if we do that currently (before > your patch) we will end up installing DES, right? Yes. The downside is that with the DES crypt library any new user passwords you create will be in the weaker DES format. Existing MD5 passwords will stay MD5 when they're updated, but new users get DES. You can hack around this easily enough (e.g. by changing the logic in libcrypt) but it's not yet available by default. If you need to have a DES-capable libcrypt this patch won't help, but most people don't need that. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message