Blowfish support in crypt() (glibc) ?

Michael Wu flamingice at NOSPAMsourmilk.net
Fri Apr 16 14:47:08 PDT 2004


Robert Connolly wrote:

> On April 6, 2004 12:23 pm, Manolis Tzanidakis wrote:
>> On Tue, 06 Apr 2004 09:54:25 -0400
>>
>> Michael Wu <flamingice at NOSPAMsourmilk.net> wrote:
>> > I think you'll be much better off using libxcrypt. The files @
>> > http://www.openwall.com/crypt are very old (last release was in
>> > 2002).
>>
>> Thanx a lot Michael, I'll give it a shot later.
> 
> Just because the code is old doesn't mean there is anything wrong with
> it. They're still actively used by a few distros. I wouldn't mind
> adding the libc part of it. There is a shadow patch to use blowfish
> passwords. I'm trying to compile it now.

No, but because it's old, the patches are less likely to work.
Especially with glibc. libxcrypt+pam_unix2 is perfect for systems
equipped with PAM since no patching of the libc is necessary. Now, if
you don't use PAM, I guess you just have to try the patches.

The code being old wasn't my main arguement for using libxcrypt anyway.



More information about the hlfs-dev mailing list