[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pwdb breakage



   Date: Sat, 31 May 1997 18:54:23 +0300 (EET DST)
   From: Cristian Gafton <gafton@sorosis.ro>

   On Sat, 31 May 1997, Kirk Bauer wrote:

   > A slightly related question -- is there *anybody* out there that would
   > *not* use shadow passwords?  Why not just make Red Hat Linux automatically
   > use shadow passwords (FreeBSD does by default)...   I see no reason to
   > *not* use shadow passwords...

   Well put. Why not make RH the step from 'supporting' shadow passwords to
   acctually *using* them ?!

I don't use shadow passwords, and I think the increase in security is
marginal compared to the non-standardness and annoyance caused by using
/etc/shadow.  (Although granted pwdb and pam goes quite a way in
eliminating the annoyances caused by using shadow passwords).

Redhat should be commended for giving system administrators to option of
whether or not they wish to use shadow passwords.  (I have no objections
if it's made easier to turn on; maybe as an installation option.  I just
want the option to not use shadow passwords.)

IMHO, MD5 passwords and an up-front password quality checker are much
better tools.....

						- Ted



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []