|
Bugzilla – Full Text Bug Listing |
| Summary: | DES crypt in shadow | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE Tumbleweed | Reporter: | Bernhard Wiedemann <bwiedemann> |
| Component: | Security | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Major | ||
| Priority: | P5 - None | CC: | kukuk, meissner |
| Version: | 13.1 Beta 1 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | SUSE Other | ||
| Whiteboard: | |||
| Found By: | Beta-Customer | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Bernhard Wiedemann
2013-02-04 13:34:22 UTC
(In reply to comment #0) > /etc/pam.d/common-password has > password requisite pam_cracklib.so > password optional pam_gnome_keyring.so use_authtok > password required pam_unix.so use_authtok try_first_pass Looks like a fix did got lost somehow ... > even when calling it with ENCRYPT_METHOD=SHA512 passwd > it still uses DES Of course, it would be a real security problem if you would allow a user to overwrite the password hash method. Why do you think such an environment option should exist at all? I had had read man passwd and not noticed that it referred to /etc/login.defs however adding ENCRYPT_METHOD SHA512 there did not help either. Thanks for the quick fix. This is an autogenerated message for OBS integration: This bug (801970) was mentioned in https://build.opensuse.org/request/show/151115 Factory / pam-config |