Feature changed by: Robert Davies (robopensuse)
Feature #312321, revision 7
Title: Replace blowfish with sha512 as password hash

openSUSE Distribution: Implementation
Priority Requester: Important
Requested by: Thorsten Kukuk (kukuk)
Partner organization: openSUSE.org

Description:
Since upstream has meanwhile a good replacement for DES crypt (sha256 and sha512), we should follow the other distributions and switch to sha512 as default password hash for local accounts.

For openSUSE this means:
* Make sha512 the new password hash (pwdutils, YaST2?)
* Stay with blowfish patch in glibc libcrypt to allow people with blowfish hash to login
* Remove blowfish as option from YaST2
* Drop libxcrypt

Discussion:

#1: Bruno Friedmann (bruno_friedmann) (2011-05-17 17:24:55)
Want to add me as interested but get an error
Errorcode: 0
Message: undefined method `next=' for nil:NilClass

#2: Thomas Schmidt (digitaltomm) (2011-05-17 17:35:32) (reply to #1)
Please try again, that was caused because the product openSUSE 11.5 was not created completely.

#3: Thorsten Kukuk (kukuk) (2011-05-18 15:21:35)
pwdutils is adjusted. Lukas, can you please remove blowfish from YaST2 as option to choose and link yast2-core against libcrypt and not libxcrypt?

#4: Ludwig Nussel (lnussel) (2011-07-06 14:56:32) (reply to #3)
I've filed a separate feature for dropping libxcrypt as a clean solution requires a glibc with gensalt functions to avoid copies of them everywhere -> 312617.

+ #5: Robert Davies (robopensuse) (2011-07-06 15:26:42)
+ Background for those who haven't seen it.
+ Migration of current "blowfish" hashed passwords ought to be mandatory, because of the sign extension bug that's been found (in "John the Ripper"). As current user passwords would have to be changed anyway, it makes sense to force migrate to sha512 anyway as part of update.
+
+ See "A hole in crypt_blowfish" (http://lwn.net/Articles/448699/) for explanation of the problem & discussion. Executive summary: "crypt_blowfish developer Alexander Peslyak (aka Solar Designer) analyzed the effects of the bug and found that some password pairs would hash to the same value with only minimal differences (e.g. "ab£" hashed to the same value as "£"), which would make password cracking easier. A further analysis shows that some characters appearing just before one with the high bit set may be effectively ignored when calculating the hash."

-- openSUSE Feature: https://features.opensuse.org/312321
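The description proposes sha512 as the new default while keeping blowfish support only so existing users can still log in, and comment #5 argues that blowfish-hashed passwords should be migrated rather than left alone. An administrator applying that advice first needs to know which accounts still carry a blowfish hash. The following shell script is an added example, not part of the feature request or of openSUSE's pwdutils/YaST tooling: it classifies shadow-format entries by their crypt(3) prefix ($6$ sha512, $5$ sha256, $2a$/$2y$ and variants blowfish, $1$ md5) and lists accounts that are not yet on sha512. The sample shadow lines and their hash bodies are constructed for the example and are not real hashes; run it against a real /etc/shadow as root if you want the actual list.

```shell
#!/bin/sh
# Added example (not from the openFATE feature or openSUSE tooling):
# classify each shadow entry's password hash by its crypt(3) prefix and
# report accounts that still need to be re-hashed with sha512.

# Constructed sample shadow lines; hash bodies are made up, not real hashes.
SAMPLE_SHADOW='root:$6$constructedsalt$constructedsha512hash:15000:0:99999:7:::
alice:$2a$08$constructedsaltconstructedblowfishhash:15000:0:99999:7:::
bob:$2y$10$constructedsaltconstructedblowfishhash:15000:0:99999:7:::
carol:$5$constructedsalt$constructedsha256hash:15000:0:99999:7:::
dave:$1$constructedsalt$constructedmd5hash:15000:0:99999:7:::
daemon:*:15000:0:99999:7:::
nobody:!:15000:0:99999:7:::'

# hash_algo HASH -> prints the algorithm name implied by the crypt(3) prefix
hash_algo() {
    case "$1" in
        '$6$'*)  echo sha512 ;;
        '$5$'*)  echo sha256 ;;
        '$2a$'*|'$2b$'*|'$2x$'*|'$2y$'*) echo blowfish ;;
        '$1$'*)  echo md5 ;;
        '*'|'!'*|'')  echo locked ;;   # no usable password: nothing to migrate
        *)       echo descrypt-or-unknown ;;
    esac
}

# needs_migration SHADOW_TEXT -> prints "user algorithm" for every account
# whose hash is a real password hash but not sha512
needs_migration() {
    printf '%s\n' "$1" | while IFS=: read -r user hash rest; do
        algo=$(hash_algo "$hash")
        case "$algo" in
            sha512|locked) ;;
            *) echo "$user $algo" ;;
        esac
    done
}

# count_blowfish SHADOW_TEXT -> number of accounts still on a blowfish hash
count_blowfish() {
    needs_migration "$1" | grep -c ' blowfish$'
}

needs_migration "$SAMPLE_SHADOW"
```

With the new default in place, each listed account gets a fresh $6$ hash the next time its password is set (for example via passwd or chage -d 0 to force a change at next login); the script only reports, it does not modify anything.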