Mailinglist Archive: opensuse-bugs (4216 mails)

< Previous Next >
[Bug 743715] New: Yast New User Uses MD5, Initial System Config Used SHA512
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Fri, 27 Jan 2012 00:06:46 +0000
  • Message-id: <bug-743715-21960@http.bugzilla.novell.com/>

https://bugzilla.novell.com/show_bug.cgi?id=743715

https://bugzilla.novell.com/show_bug.cgi?id=743715#c0


Summary: Yast New User Uses MD5, Initial System Config Used
SHA512
Classification: openSUSE
Product: openSUSE 12.1
Version: Final
Platform: x86-64
OS/Version: SuSE Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: YaST2
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: andrew@xxxxxxxxxx
QAContact: jsrain@xxxxxxxx
Found By: ---
Blocker: ---


User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.7 (KHTML,
like Gecko) Chrome/16.0.912.77 Safari/535.7

I just (re-)installed OpenSuse 12.1. When I added the initial user and root
the default setting was SHA512, and that checks with the entries in /etc/shadow
($6$ prefix, as documented in man crypt).

However, I then added another user via Yast, and that user was added with an
MD5 ($1$ prefix).

It's not clear to me whether this is a problem or not. MD5 isn't that great a
choice these days and I would have expected SHA512 to be used consistently, if
it was selected during install.

As far as I know I haven't changed any settings (I cannot find anywhere in
sysconfig that specified this; nor can I find anything in Yast that can change
what is used when a new user is added).

Reproducible: Always

Steps to Reproduce:
1. Install with default settings and note the $6$ prefixes in /etc/shadow
2. Add a new user with Yast and see the $1$ prefix
3. Profit!
Actual Results:
Here are relevant entries from my system. I've replaced some values with Xs.
"andrew" was added during install; "test" was added afterwards.

andrew:$6$XXXXXXXXXXXXXXXXXXX/XXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:15365:0:99999:7:::
test:$1$XXXXXXXXXXXXXXXXXX:15365:0:99999:7:::


Expected Results:
I'd expect both lines to contain $6$.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >