Date: Sat, 09 Jun 2012 11:28:30 +0200 From: Dimitry Andric <dim@FreeBSD.org> To: "O. Hartmann" <ohartman@zedat.fu-berlin.de> Cc: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no>, freebsd-current@FreeBSD.org, freebsd-security@FreeBSD.org Subject: Re: Default password hash Message-ID: <4FD3173E.2040505@FreeBSD.org> In-Reply-To: <4FD2FE87.1060708@zedat.fu-berlin.de> References: <86r4tqotjo.fsf@ds4.des.no> <4FD2FE87.1060708@zedat.fu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2012-06-09 09:43, O. Hartmann wrote: > On 06/08/12 14:51, Dag-Erling Sm=C3=B8rgrav wrote: >> We still have MD5 as our default password hash, even though known-hash= >> attacks against MD5 are relatively easy these days. We've supported >> SHA256 and SHA512 for many years now, so how about making SHA512 the >> default instead of MD5, like on most Linux distributions? =2E.. > The manpage for login.conf also needs an update. I checked this morning= > and found that thye manpage doesn't even mention hashes apart from des,= > md5 and blf. Dag-Erling fixed this just yesterday :) http://svn.freebsd.org/changeset/base/236751
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FD3173E.2040505>