Bug#237610: installer creates only DES encrypted passwords
Package: debian-installer Version: 20040310 The installer creates only DES encrypted passwords. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#237610: installer creates only DES encrypted passwords
The installer asks the password for root and optionally the password for the normal user account. These passwords are saved in /etc/shadow. However, they are NOT encrypted with MD5 (i.e. strings beginning with $1$ in /etc/shadow), but with DES. When you change passwords via passwd, they are encrypted using MD5 correctly. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#237610: installer creates only DES encrypted passwords
On Fri, Mar 12, 2004 at 12:11:14PM +0100, Florian Effenberger wrote: Package: debian-installer Version: 20040310 The installer creates only DES encrypted passwords. Please elaborate. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#237610: installer creates only DES encrypted passwords
Sorry for the confusion ;) What I meant was that passwd after installation CORRECTLY creates MD5 sums due to the CORRECT md5 entry in the appropriate PAM file. So: PAM is just fine. Only the installer has a bug. It's not creating MD5 passwords. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#237610: installer creates only DES encrypted passwords
On Fri, Mar 12, 2004 at 12:51:44PM +0100, Florian Effenberger wrote: The installer asks the password for root and optionally the password for the normal user account. These passwords are saved in /etc/shadow. However, they are NOT encrypted with MD5 (i.e. strings beginning with $1$ in /etc/shadow), but with DES. When you change passwords via passwd, they are encrypted using MD5 correctly. Thanks. Earlier today there was bug 237526 it mentions PAM. Is PAM still relevant? If yes, tell more about PAM If not, then I'm wasting time of the people who are spending time on this bugreport. Cheers Geert Stappers -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#237610: installer creates only DES encrypted passwords
Geert Stappers wrote: On Fri, Mar 12, 2004 at 12:51:44PM +0100, Florian Effenberger wrote: The installer asks the password for root and optionally the password for the normal user account. These passwords are saved in /etc/shadow. However, they are NOT encrypted with MD5 (i.e. strings beginning with $1$ in /etc/shadow), but with DES. When you change passwords via passwd, they are encrypted using MD5 correctly. This is a bug in passwd, which was fixed in a recent version that is not yet in testing. -- see shy jo signature.asc Description: Digital signature
