Daniel Quinlan writes:
> I think you mean "instead of DES". It's the crypt(3) function that
> would be changed to use MD5 (MD5a).
Yes, wasn't thinking straight obviously.
> I think switching would probably be a decent idea, although it is not
> of earth-shattering importance to me. I'm also concerned about doing
> Debian doing it alone, instead of with the cooperation of the rest of
> the Linux community.
Though it would be nice if the whole community switched I don't think
it's that great a deal whether they do or not, us using MD5 and others
using DES shouldn't lead to any incompatibilties or problems as far
as I can see.
> I am more interested in longer user names and longer password. I'm
> disgusted with being limited to eight characters.
Yes, MD5 obviously makes the system that much more secure from attempts
at using crack on a passwd file. MD5 being much slower than DES and also
just the fact that you can't count on the password being 8 characters long
anymore would make it a quite a more difficult process.
Andrew
--
Dehydration - 34%, Recollection of previous evening - 2%, embarrassment
factor - 91%. Advise repair schedule:- off line for 36 hours, re-boot
startup disk, and replace head - wow, what a night!
-- Kryten in Red Dwarf `The Last Day'
Andrew Howell [EMAIL PROTECTED]
Perth, Western Australia [EMAIL PROTECTED]
