Re: [OpenWrt-Devel] r46816, remove unused crypt() algorithms -> switch to sha512?

On 2015-09-15 10:00, Felix Fietkau wrote: > On 2015-09-15 08:20, Etienne Champetier wrote: >> Hi, >> >> Le 15 sept. 2015 01:40, "Felix Fietkau" > > a écrit : >>> >>> On 2015-09-15 00:22, Etienne Champetier wrote: >>> > Hi Felix, >>> > >>> > Maybe we should keep sha512 and

Re: [OpenWrt-Devel] r46816, remove unused crypt() algorithms -> switch to sha512?

On 2015-09-15 08:20, Etienne Champetier wrote: > Hi, > > Le 15 sept. 2015 01:40, "Felix Fietkau" > a écrit : >> >> On 2015-09-15 00:22, Etienne Champetier wrote: >> > Hi Felix, >> > >> > Maybe we should keep sha512 and switch to it? md5 is not best security >> > practice

Re: [OpenWrt-Devel] r46816, remove unused crypt() algorithms -> switch to sha512?

Hi, Le 15 sept. 2015 01:40, "Felix Fietkau" a écrit : > > On 2015-09-15 00:22, Etienne Champetier wrote: > > Hi Felix, > > > > Maybe we should keep sha512 and switch to it? md5 is not best security > > practice these days. > I don't see the point. It's true that for file integrity purposes, md5 >

Re: [OpenWrt-Devel] r46816, remove unused crypt() algorithms -> switch to sha512?

On 2015-09-15 00:22, Etienne Champetier wrote: > Hi Felix, > > Maybe we should keep sha512 and switch to it? md5 is not best security > practice these days. I don't see the point. It's true that for file integrity purposes, md5 is weaker than sha512, but for salted passwords it should not make muc

[OpenWrt-Devel] r46816, remove unused crypt() algorithms -> switch to sha512?

Hi Felix, Maybe we should keep sha512 and switch to it? md5 is not best security practice these days. I've checked, ubuntu 14.04 and fedora 22 both use sha512 in /etc/shadow I wonder if AF_ALG can be of any interest here (integrate needed algo by default into the kernel, then patch core software