Re: WARNING: Today's current breaks passwords
Maybe your have switched between hashing modes (DES-MD5 or MD5-DES)? Because hashing algorithms doesn't changing without a wide notification has been made. Please check handbook on this subj. Maxim Sheldon Hearn wrote: This may or may not affect you. Today's installworld broke passwords for me. By that, I mean that login, xdm, su and friends gave authentication failures on all passwords for all users that I tried. I suspect this has to do with a hashing algorithm that isn't backward compatible. I used Kerberos to get into the machine as root and change important passwords to exactly what they were before. This worked. The new encrypted passwords are happy. :) I don't want to cause hysteria, and I can't guarantee that my report is accurate. All the same, do yourself a favour on your next installworld: ??? Make SURE you have an open root session somewhere. Do NOT hide ??? it behind xlock, and do NOT use lock(1) to keep it safe. ??? This will allow you to passwd(1) to create new encrypted ??? passwords for your users. ??? If you have shell accounts that need access to the box and you ??? don't want to have to rehash all their passwords, hold off on ??? installworld until someone calls me a liar, or a fix is ??? committed. Ciao, Sheldon. To Unsubscribe: send mail to majord...@freebsd.org with unsubscribe freebsd-current in the body of the message To Unsubscribe: send mail to majord...@freebsd.org with unsubscribe freebsd-current in the body of the message
Re: WARNING: Today's current breaks passwords
hi, there! On Fri, 22 Jan 1999, Sheldon Hearn wrote: This may or may not affect you. Today's installworld broke passwords for me. By that, I mean that login, xdm, su and friends gave authentication failures on all passwords for all users that I tried. I suspect this has to do with a hashing algorithm that isn't backward compatible. is RELENG_3 affected too? /fjoe To Unsubscribe: send mail to majord...@freebsd.org with unsubscribe freebsd-current in the body of the message
Re: WARNING: Today's current breaks passwords
On Fri, 22 Jan 1999 16:51:40 +0200, Maxim Sobolev wrote: Maybe your have switched between hashing modes (DES-MD5 or MD5-DES)? Possibly that's what's happened, but it certainly isn't something I did deliberately. Because hashing algorithms doesn't changing without a wide notification has been made. Please check handbook on this subj. Really? You been watching your cvs commit mail? :) Ciao, Sheldon. To Unsubscribe: send mail to majord...@freebsd.org with unsubscribe freebsd-current in the body of the message
RE: WARNING: Today's current breaks passwords
-Original Message- From: Sheldon Hearn [mailto:a...@iafrica.com] Sent: Friday, January 22, 1999 3:17 PM To: Maxim Sobolev Cc: curr...@freebsd.org Subject: Re: WARNING: Today's current breaks passwords On Fri, 22 Jan 1999 16:51:40 +0200, Maxim Sobolev wrote: Maybe your have switched between hashing modes (DES-MD5 or MD5-DES)? Possibly that's what's happened, but it certainly isn't something I did deliberately. It happened to me too. Did a cvsupdate after the tag and Matt's code was commited, did a make world, built a new kernel, rebooted and couldn't log in! After changing root's password it went from being DES to SHA1 so I suspect it's failing to honour the existing hash algorithm and trying to use SHA1 regardless. Brandon looks like he's been around here recently, like yesterday when it happened :-). Paul. To Unsubscribe: send mail to majord...@freebsd.org with unsubscribe freebsd-current in the body of the message
