Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 09 Jun 2012 11:28:30 +0200
From:      Dimitry Andric <dim@FreeBSD.org>
To:        "O. Hartmann" <ohartman@zedat.fu-berlin.de>
Cc:        =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no>, freebsd-current@FreeBSD.org, freebsd-security@FreeBSD.org
Subject:   Re: Default password hash
Message-ID:  <4FD3173E.2040505@FreeBSD.org>
In-Reply-To: <4FD2FE87.1060708@zedat.fu-berlin.de>
References:  <86r4tqotjo.fsf@ds4.des.no> <4FD2FE87.1060708@zedat.fu-berlin.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On 2012-06-09 09:43, O. Hartmann wrote:
> On 06/08/12 14:51, Dag-Erling Sm=C3=B8rgrav wrote:
>> We still have MD5 as our default password hash, even though known-hash=

>> attacks against MD5 are relatively easy these days.  We've supported
>> SHA256 and SHA512 for many years now, so how about making SHA512 the
>> default instead of MD5, like on most Linux distributions?
=2E..
> The manpage for login.conf also needs an update. I checked this morning=

> and found that thye manpage doesn't even mention hashes apart from des,=

> md5 and blf.

Dag-Erling fixed this just yesterday :)

http://svn.freebsd.org/changeset/base/236751




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FD3173E.2040505>