Blowfish support in crypt() (glibc) ?
robert at linuxfromscratch.org
Sun Jun 6 15:28:47 PDT 2004
Okay, there's two ways we can do this. libxcrypt is a standalone blowfish
library, crypt_blowfish is the same thing but its in glibc's libcrypto so its
a patch instead of a package. With libxcrypt I got blowfish working using
pam_unix2. With crypt_blowfish I got blowfish working using tcb from owl. It
looks like owl's crypt_blowfish+tcb+pam_passwdqc etc is the better way to go
but they only have shadow-4.0.0 patched to use it, so we would have to
downgrade till thats fixed. Using libxcrypt works fine and doesn't change
anything with shadow. Owl's shadow uses privledge dropping, two new groups
are added, group ckpasswd and shadow.
Anyone want to discuss or vote on this?
More information about the hlfs-dev