release-notes/devel/en_US Security.xml,1.20,1.21
Murray McAllister (mdious)
fedora-docs-commits at redhat.com
Mon Mar 17 03:00:54 UTC 2008
Author: mdious
Update of /cvs/docs/release-notes/devel/en_US
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15706/en_US
Modified Files:
Security.xml
Log Message:
updating lists as per wiki content 0300 2008-03-17
Index: Security.xml
===================================================================
RCS file: /cvs/docs/release-notes/devel/en_US/Security.xml,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- Security.xml 17 Mar 2008 01:36:48 -0000 1.20
+++ Security.xml 17 Mar 2008 03:00:51 -0000 1.21
@@ -18,22 +18,18 @@
<section id="sn-Security-Enhancements">
<title>Security Enhancements</title>
- <itemizedlist>
- <listitem>
- <para>Fedora continues to improve its many proactive <ulink url="http://fedoraproject.org/wiki/Security/Features">security features</ulink>.
- </para>
- </listitem>
- <listitem>
- <para>The <package>glibc</package> package in Fedora 8 had support for passwords using SHA-256 and SHA-512 hashing. Previously, only DES and MD5 were available. These tools have been extended in Fedora 9. Password hashing using the SHA-256 and SHA-512 hash functions is now supported.
- </para>
- <para>To switch to SHA-256 or SHA-512 on an installed system, use <command>authconfig --passalgo=sha256 --update</command> or <command>authconfig --passalgo=sha512 --update</command>. Alternatively, use the <command>authconfig-gtk</command> GUI tool to configure the hashing method. Existing user accounts will not be affected until their passwords are changed.
- </para>
- <para>
- SHA-512 is used by default on newly installed systems. Other algorithms can be configured only for kickstart installations, by using the <option>--passalgo</option> or <option>--enablemd5</option> options for the kickstart <option>auth</option> command. If your installation does not use kickstart, use <command>authconfig</command> as described above, and then change the root user password, and passwords for other users created after installation.
- </para>
- <para>New options were added to <package>libuser</package>, <package>pam</package>, and <package>shadow-utils</package>, to support these password hashing algorithms. Running <command>authconfig</command> configures all these options automatically, so it is not necessary to modify them manually.
- </para>
- </listitem>
+ <para>Fedora continues to improve its many proactive <ulink url="http://fedoraproject.org/wiki/Security/Features">security features</ulink>.
+ </para>
+ <para>The <package>glibc</package> package in Fedora 8 had support for passwords using SHA-256 and SHA-512 hashing. Previously, only DES and MD5 were available. These tools have been extended in Fedora 9. Password hashing using the SHA-256 and SHA-512 hash functions is now supported.
+ </para>
+ <para>To switch to SHA-256 or SHA-512 on an installed system, use <command>authconfig --passalgo=sha256 --update</command> or <command>authconfig --passalgo=sha512 --update</command>. Alternatively, use the <command>authconfig-gtk</command> GUI tool to configure the hashing method. Existing user accounts will not be affected until their passwords are changed.
+ </para>
+ <para>
+ SHA-512 is used by default on newly installed systems. Other algorithms can be configured only for kickstart installations, by using the <option>--passalgo</option> or <option>--enablemd5</option> options for the kickstart <option>auth</option> command. If your installation does not use kickstart, use <command>authconfig</command> as described above, and then change the root user password, and passwords for other users created after installation.
+ </para>
+ <para>New options were added to <package>libuser</package>, <package>pam</package>, and <package>shadow-utils</package>, to support these password hashing algorithms. Running <command>authconfig</command> configures all these options automatically, so it is not necessary to modify them manually.
+ </para>
+ <itemizedlist>
<listitem>
<para>New values for the <option>crypt_style</option> option, and the new options <option>hash_rounds_min</option>, and <option>hash_rounds_max</option>, are now supported in the <option>[defaults]</option> section of <filename>/etc/libuser.conf</filename>. Refer to the <command>libuser.conf(5)</command> man page for details.
</para>
More information about the Fedora-docs-commits
mailing list