Hi,
I've a requirement to change the default algorithm for password encryption on
my solaris 10 machine. I learnt that changing "CRYPT_DEFAULT" attribute in
/etc/security/policy.conf file would do it. I don't have any issues when
default crypt algorithm is set to BSDMD5 (1), Blowfish (2a) and SUNMD5(md5).
However, when default crypt algorithm is set to SHA-256 (5) or SHA-512 (6), I'm
able to create a new user successfully and also the new password created is
hashed using the SHA algorithm. But the issue is that? i'm unable to login to
the new user whose password is being hashed using SHA-256 or SHA-512.
Below is the /etc/security/policy.conf
file:
CRYPT_ALGORITHMS_ALLOW=1,2a,md5,5,6
CRYPT_ALGORITHMS_DEPRECATE=__unix__
CRYPT_DEFAULT=5
or
CRYPT_DEFAULT=6
Could anybody please tell me the root cause and suggest the solution ?
Any help is greatly appreciated.
Thanks in Advance,
KrishnaMohan
From cricket scores to your friends. Try the Yahoo! India Homepage!
http://in.yahoo.com/trynew
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mail.opensolaris.org/pipermail/security-discuss/attachments/20091021/15cc8b14/attachment.html>
