Andrew Howell <[EMAIL PROTECTED]> writes: > After discussing security with some friends we got around to using > md5 instead of crypt.
I think you mean "instead of DES". It's the crypt(3) function that would be changed to use MD5 (MD5a). > This has been brought up before but nothing much seemed to > happen. Is debian going to switch to md5 with 1.0 or are people > opposed to this? I think switching would probably be a decent idea, although it is not of earth-shattering importance to me. I'm also concerned about doing Debian doing it alone, instead of with the cooperation of the rest of the Linux community. I am more interested in longer user names and longer password. I'm disgusted with being limited to eight characters. A little reading on using MD5 instead of DES turned up a FreeBSD web page on the topic. http://www.freebsd.org/handbook/handbook68.html BTW, I like the way their manual is set up and on the web. And I also like that it seems more geared to open contributions than the Debian manual. Dan -- Daniel Quinlan Member of the League for Programming Freedom [EMAIL PROTECTED]
