[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Making Linux use Blowfish for passwd/shadow encryption



On Wed, Sep 24, 2003 at 03:51:37PM +0100, Mark Watts wrote:
> > > > Alternatively, you may "patch" the support into whatever distribution
> > > > you have, using these packages:
> > > >
> > > > 	http://www.openwall.com/crypt/
> > > > 	http://www.openwall.com/tcb/
> > > >
> > > > Finally, we may do this work for you if it's paid for. ;-)
> > >
> > > Ok, working on the assumption that my managment aren't going to pay
> > > someone else... are there any patches around for Mandrake 9.1 ?
> >
> > I'm not aware of anything for Mandrake 9.1 specifically, but with some
> > C, Makefile, and RPM skills you should be able to apply the crypt_blowfish
> > package available at the URL I've referenced above.
> 
> Bleh, I was so hoping you weren't going to say that :)

Actually, it's mostly just Makefile and RPM skills.  You don't need to
deal with C much.

> Patching glibc looks easy, but patching everything else looks hard...

You don't really have to patch "everything else", once you have
crypt_blowfish in your glibc, you can build our tcb suite and use
that (the NSS and PAM modules).

-- 
Alexander Peslyak <solar openwall com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]