On Thu, 18 Nov 1999, you wrote:
-:~>> It should be fixed of course but why would anyone want to not use MD5
-:~>> and shadow passwords?
-:~>
-:~> If you have a passwd file maintenance system with dozens (or
-:~>hundreds) of users, you may not want to force everybody to re-create their
-:~>passwords when you can just copy the old passwd file.
-
-What is a problem with copying the passwd+shadow? By the way, could
-someone explain me what are the MD5 passwords?
MD5 is a method for creating a cryptographic hash of an input value.
"Normal" UNIX passwords are encrypted using DES and a randomly
generated 2 byte salt value. See man crypt for a brief discussion of
the process.
The MD5 hash is a much stronger method at least in the sense it is
more resistant to dictionary attacks. In some recent tests I did
using a PII-450 running Mandrake 6.0 and john the ripper, the MD5 hash
look about 10 times as long to yield as DES.
--
Stephen Carville
----------------------------------------------------
A well educated citizenry, being essential to the maintenance of a free
society, the right of the people, to keep and read books shall not be
infringed.
