https://bugzilla.novell.com/show_bug.cgi?id=743715 https://bugzilla.novell.com/show_bug.cgi?id=743715#c0 Summary: Yast New User Uses MD5, Initial System Config Used SHA512 Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: x86-64 OS/Version: SuSE Other Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: andrew@acooke.org QAContact: jsrain@suse.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.77 Safari/535.7 I just (re-)installed OpenSuse 12.1. When I added the initial user and root the default setting was SHA512, and that checks with the entries in /etc/shadow ($6$ prefix, as documented in man crypt). However, I then added another user via Yast, and that user was added with an MD5 ($1$ prefix). It's not clear to me whether this is a problem or not. MD5 isn't that great a choice these days and I would have expected SHA512 to be used consistently, if it was selected during install. As far as I know I haven't changed any settings (I cannot find anywhere in sysconfig that specified this; nor can I find anything in Yast that can change what is used when a new user is added). Reproducible: Always Steps to Reproduce: 1. Install with default settings and note the $6$ prefixes in /etc/shadow 2. Add a new user with Yast and see the $1$ prefix 3. Profit! Actual Results: Here are relevant entries from my system. I've replaced some values with Xs. "andrew" was added during install; "test" was added afterwards. andrew:$6$XXXXXXXXXXXXXXXXXXX/XXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:15365:0:99999:7::: test:$1$XXXXXXXXXXXXXXXXXX:15365:0:99999:7::: Expected Results: I'd expect both lines to contain $6$. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.