CVS commit: src

Tue, 26 Oct 2021 13:44:53 -0700 

Module Name:    src
Committed By:   nia
Date:           Tue Oct 26 20:44:46 UTC 2021

Modified Files:
        src/etc: passwd.conf
        src/share/man/man5: passwd.conf.5

Log Message:
passwd.conf(5): switch default cipher for new user accounts to Argon2id

As well as offering a dynamic amount of iterations and memory usage,
which fits well with NetBSD's goal of running on a diverse range of
hardware devices, Argon2id offers improved resistance to GPU-based
password cracking and side channel attacks.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/etc/passwd.conf
cvs rdiff -u -r1.12 -r1.13 src/share/man/man5/passwd.conf.5

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/etc/passwd.conf
diff -u src/etc/passwd.conf:1.3 src/etc/passwd.conf:1.4
--- src/etc/passwd.conf:1.3	Fri Dec  3 21:40:04 2010
+++ src/etc/passwd.conf	Tue Oct 26 20:44:45 2021
@@ -1,9 +1,9 @@
-#	$NetBSD: passwd.conf,v 1.3 2010/12/03 21:40:04 jmmv Exp $
+#	$NetBSD: passwd.conf,v 1.4 2021/10/26 20:44:45 nia Exp $
 #
 # passwd.conf(5) -
 #	password configuration file
 #
 
 default:
-	localcipher = sha1
+	localcipher = argon2id
 	ypcipher = old

Index: src/share/man/man5/passwd.conf.5
diff -u src/share/man/man5/passwd.conf.5:1.12 src/share/man/man5/passwd.conf.5:1.13
--- src/share/man/man5/passwd.conf.5:1.12	Tue Oct 12 11:08:14 2021
+++ src/share/man/man5/passwd.conf.5	Tue Oct 26 20:44:45 2021
@@ -1,4 +1,4 @@
-.\"	$NetBSD: passwd.conf.5,v 1.12 2021/10/12 11:08:14 nia Exp $
+.\"	$NetBSD: passwd.conf.5,v 1.13 2021/10/26 20:44:45 nia Exp $
 .\"
 .\" Copyright 1997 Niels Provos <[email protected]>
 .\" All rights reserved.
@@ -28,7 +28,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd October 12, 2021
+.Dd October 26, 2021
 .Dt PASSWD.CONF 5
 .Os
 .Sh NAME
@@ -139,3 +139,12 @@ in
 .Pa /etc/passwd.conf
 starting from
 .Nx 6.0 .
+.Pp
+The default value of
+.Sy localcipher
+was set to
+.Dq argon2id 
+in
+.Pa /etc/passwd.conf
+starting from
+.Nx 10.0 .

Reply via email to