Blowfish encryption for local passwords
Tomas Mraz
tmraz at redhat.com
Mon Dec 4 09:36:56 UTC 2006
On Sun, 2006-12-03 at 22:03 +0100, Thomas M Steenholdt wrote:
> Hi guys,
>
> Is there a reason why fedora does not support blowfish (at least through
> the various included tools, system-config-authentication etc.) for
> password encryption?
> From my understanding, Blowfish provides encryption far superior to
> even MD5 and there should no license problems.
> Even though MD5 might seem hard-enough-to-crack, why would we stop there?
>
> Also, it seems like supporting blowfish would not be very hard to
> implement in fedora, so why don't we?
>
> (and the unavoidable:) Other linux distros have Blowfish encryption for
> passwords ;-)
>
> Thanks
We need support for blowfish directly in glibc or replace libcrypt from
glibc with libxcrypt first. Then all other packages can be updated to
support Blowfish.
See:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173002
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173834
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the fedora-devel-list
mailing list