Feature changed by: Ludwig Nussel (lnussel) Feature #312321, revision 6 Title: Replace blowfish with sha512 as password hash - openSUSE 11.5: Evaluation by engineering manager + openSUSE Distribution: Implementation Priority Requester: Important - Projectmanager: Mandatory Requested by: Thorsten Kukuk (kukuk) Partner organization: openSUSE.org Description: Since upstream has meanwhile a good replacement for DES crypt (sha256 and sha512), we should follow the other distributions and switch to sha512 as default password hash for local accounts. For openSUSE this means: * Make sha512 the new password hash (pwdutils, YasT2? * Stay with blowfish patch in glibc libcrypt to allow people with blowfish hash to login * Remove blowfish as option from YaST2 * Drop libxcrypt Discussion: #1: Bruno Friedmann (bruno_friedmann) (2011-05-17 17:24:55) Want to add me as interested but get an error Errorcode: 0 Message: undefined method `next=' for nil:NilClass #2: Thomas Schmidt (digitaltomm) (2011-05-17 17:35:32) (reply to #1) Please try again, that was caused because the product openSUSE 11.5 was not created completely. #3: Thorsten Kukuk (kukuk) (2011-05-18 15:21:35) pwdutils is adjusted. Lukas, can you please remove blowfish from YaST2 as option to choose and link yast2-core against libcrypt and not libxcrypt? + #4: Ludwig Nussel (lnussel) (2011-07-06 14:56:32) (reply to #3) + I've filed a separate feature for dropping libxcrypt as a clean + solution requires a glibc with gensalt functions to avoid copies of + them everywhere -> 312617. -- openSUSE Feature: https://features.opensuse.org/312321