FW: [suse-security] MD5 Passwords.
Sorry.... in suse 6.3 the MD5_CRYPT_ENAB doesn't appear in /etc/login.defs and if you enable it, suse doesn't seem to change passwords to MD5... I think this feature has been removed. (in suse 6.1 i obtained md5 passwd sucessfully) I think was removed for security, MD5 is an algorithm that has collisions, however DES does not undergo problems of collisions, although it is "in theory easy to crack" by brute force. ----- Mensaje original ----- De: "Normando Marcolongo" <normando@studenti.ing.uniroma1.it> Para: <suse-security@suse.com> Enviado: martes, 07 de marzo de 2000 12:38 Asunto: [suse-security] MD5 Passwords.
How can I enable MD5 passwords on SuSE 6.3?
Thanks in advance!
Normando.
-- Normando [enemy] Marcolongo (iW6OWQ) [] normando@studenti.ing.uniroma1.it LUG Roma - IEEE S.B. Roma - ALU [] (AX.25) IW6OWQ@IW7BNO.IPUG.ITA.EU
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
On Tue, Mar 07, |[TDP]| wrote:
Sorry.... in suse 6.3 the MD5_CRYPT_ENAB doesn't appear in /etc/login.defs and if you enable it, suse doesn't seem to change passwords to MD5... I think this feature has been removed. (in suse 6.1 i obtained md5 passwd sucessfully)
I think was removed for security, MD5 is an algorithm that has collisions, however DES does not undergo problems of collisions, although it is "in theory easy to crack" by brute force.
Since SuSE Linux 6.2 we use PAM. So the MD5 stuff from the shadow suite cannot work any longer. The pam_unix.so module we use on 6.2 and 6.3 can handle MD5 passwords. But the passwd command cannot change it in the moment. This is implemented for the upcoming SuSE Linux 6.4. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg Linux is like a Vorlon. It is incredibly powerful, gives terse, cryptic answers and has a lot of things going on in the background.
On Tue, 7 Mar 2000, Thorsten Kukuk wrote:
Since SuSE Linux 6.2 we use PAM. So the MD5 stuff from the shadow suite cannot work any longer. The pam_unix.so module we use on 6.2 and 6.3 can handle MD5 passwords. But the passwd command cannot change it in the moment. This is implemented for the upcoming SuSE Linux 6.4.
Can we have a patch for the 6.3?...
-- Normando [enemy] Marcolongo (iW6OWQ) [] normando@studenti.ing.uniroma1.it LUGRoma - IEEE S.B. Roma - ALU - ??? [] (AX.25) IW6OWQ@IW7BNO.IPUG.ITA.EU
On Wed, Mar 08, Normando Marcolongo wrote:
On Tue, 7 Mar 2000, Thorsten Kukuk wrote:
Since SuSE Linux 6.2 we use PAM. So the MD5 stuff from the shadow suite cannot work any longer. The pam_unix.so module we use on 6.2 and 6.3 can handle MD5 passwords. But the passwd command cannot change it in the moment. This is implemented for the upcoming SuSE Linux 6.4.
Can we have a patch for the 6.3?...
You can find the current sources for my PAM modules always under: ftp://ftp.suse.com/pub/people/kukuk/pam/ Sometimes there is even a RPM. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg Linux is like a Vorlon. It is incredibly powerful, gives terse, cryptic answers and has a lot of things going on in the background.
participants (3)
-
Normando Marcolongo -
Thorsten Kukuk -
|[TDP]|