Password hashing algorithms

Mathias Schindler mschind at jcsbs.de
Wed Jun 13 04:15:55 PDT 2001


> -----Original Message-----
> stefan at bagdohn.de

> In the file /etc/login.defs you can set
> MD5_CRYPT_ENAB	yes
> This enables md5 passwords. There are a lot more
> options to set in the file. I do not know what the standart
> (default) algorithm is, but it is weaker than m5. You can
> test this with e.g. John the ripper.

You should try to enable SHA-1 hased since they are much stronger than
MD5.

Yours,
Mathias

-- 
Unsubscribe: send email to lfs-security-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message



More information about the lfs-security mailing list