
List:       pkg-shadow-devel
Subject:    [Pkg-shadow-devel] Bug#447747: Bug#447747: Bug#447747: chpasswd default hash algorithm
From:       Christian Perrier <bubulle () debian ! org>
Date:       2007-10-24 5:23:40
Message-ID: 20071024052339.GY16467 () mykerinos ! kheops ! frmug ! org


Quoting Margarita Manterola (margamanterola@gmail.com):
> Hi!
> 
> On 10/23/07, Christian Perrier <bubulle@debian.org> wrote:
> > Quoting Matias Soler (gnuler@gmail.com):
> > > Package: passwd
> > > Version: 1:4.0.18.1-7
> > > Severity: wishlist
> > >
> > > It would be desirable to default chpasswd hash algorithm to MD5 instead of
> > > DES.
> > Well, we might need a pretty strong rationale to consider a change
> > that would break the "no surprise" principle.
> 
> Well, it depends on which the surprise is.  I find it quite surprising
> that in 2007 using chpasswd in Debian leads to passwords being

s/in Debian/in all distros that use chpasswd

That's one of the points.

> truncated at 8 characters.  I thought this was OLD history.
> 
> > Changing the default behaviour of the utility would be likely to break
> > existing setups that use chpasswd.
> 
> Would something really break?  The passwords would be as long as the
> user actually typed them, but only after changing the password, and
> only if you used a longer-than-8-characters-long password but then
> typed the first 8 characters.
> 
> What real scenario is there for something breaking?


All users who have custom scripts based on chpasswd and relying on the
fact that generated passwords are DES ones. If we suddenly change the
default behaviour of chpasswd to generate MD5 hashes, then we might
break their systems if they are not MD5-ready.

I don't know if this is a corner case but this is certainly something
we might want to triple-check before changing the default behaviour
of that command.

Moreover, I wouldn't like to change the default in Debian only. We
have worked enough to remove all Debian-specific stuff in shadow and
it would be sad to go one step back.
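As an added illustration (not part of the thread or of the shadow package), a Python check an administrator could run against a copy of /etc/shadow to find which accounts still carry DES crypt(3) hashes, i.e. the entries affected by the 8-character truncation discussed above. The sample entries are constructed placeholders, and classification relies only on the standard crypt(3) `$id$` prefixes.

```python
"""Audit shadow-style entries for legacy DES hashes (added example).

DES crypt(3) output has no '$id$' prefix, is 13 characters long, and
covers only the first 8 characters of the password.  MD5 crypt, the
algorithm proposed in the thread, is marked by the '$1$' prefix.
"""
import re

# Well-known glibc/libxcrypt scheme identifiers -> algorithm name.
CRYPT_IDS = {"1": "md5", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
             "5": "sha256", "6": "sha512", "y": "yescrypt"}
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")   # 2-char salt + 11-char hash
ID_RE = re.compile(r"^\$([^$]+)\$")

# Constructed sample, NOT a real /etc/shadow; hash bodies are placeholders.
SAMPLE_SHADOW = """\
# user:hash:lastchg:min:max:warn:inactive:expire:reserved
root:$6$saltsalt$HASHPLACEHOLDER:14000:0:99999:7:::
legacy:abJnggxhB/yWI:14000:0:99999:7:::
alice:$1$saltsalt$0123456789abcdefghijkl:14000:0:99999:7:::
daemon:*:14000:0:99999:7:::
bob:!$1$saltsalt$0123456789abcdefghijkl:14000:0:99999:7:::
"""

def classify_hash(field):
    """Return the algorithm name for one shadow password field."""
    if field == "":
        return "empty"                    # no password set at all
    if field.startswith(("!", "*")):
        return "locked"                   # locked or no-login account
    if DES_RE.match(field):
        return "des"                      # legacy, truncates at 8 chars
    m = ID_RE.match(field)
    if m and m.group(1) in CRYPT_IDS:
        return CRYPT_IDS[m.group(1)]
    return "unknown"

def audit_shadow(lines):
    """Map user name -> algorithm; comments and malformed lines are skipped."""
    result = {}
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        user, field = line.split(":", 2)[:2]
        result[user] = classify_hash(field)
    return result

def des_accounts(lines):
    """Sorted names of accounts whose stored hash is DES."""
    return sorted(u for u, alg in audit_shadow(lines).items() if alg == "des")

def des_equivalent(pw_a, pw_b):
    """True if DES crypt would yield the same hash: only the first 8 chars count."""
    return pw_a[:8] == pw_b[:8]
```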


