Blowfish support in crypt() (glibc) ?

Ian Molton spyro at f2s.com
Mon Jun 7 17:47:53 PDT 2004


On Mon, 07 Jun 2004 17:20:44 -0400
Robert Connolly <robert at linuxfromscratch.org> wrote:

> ccording to that url md5 should have 
> been abandoned in 1995.

At their current rate, it looks like ~250 machines give a 1 in 50,000
chance of cracking it in a year.

OK, so clearly governments can crack it. But Im not scared about my
personal boxes (passwords are for local logins only, remote users must
use ssh).

If it becomes a serious problem (5 years from now ought to allow a single home box to do it ;-) I think the relevant packagers will be upgraded already.



More information about the hlfs-dev mailing list