[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Making Linux use Blowfish for passwd/shadow encryption

On Thu, Sep 25, 2003 at 09:19:08PM +0200, Thorsten Kukuk wrote:
> On Thu, Sep 25, Solar Designer wrote:
> > > > > 	http://www.openwall.com/crypt/

> > > SuSE Linux has it since 8.0.

> >    crypt_blowfish is fully integrated into Owl and distributions by
> >    ALT Linux team, as the default password hashing scheme. It is a
> >    part of the glibc package on ASPLinux and SuSE.
> ... and SuSE Linux.
> Not only SuSE.

Corrected.  (Also on a few other web pages where I had just SuSE, --
you're packaging more of my stuff.)

> > I've downloaded glibc-2.3.2-6.src.rpm from SuSE 8.2 and looked at it
> > briefly.  I notice that you disable the x86 assembly code in
> > crypt_blowfish, why?  There was a thread-safety problem in that code
> > which has since been corrected, so you could want to update to
> > crypt_blowfish 0.4.5 and re-enable that code:
> We had massive problems with this, but I don't remember what it was
> anymore. It had something to do with the toolchain. I will enable it
> again and make same tests.

Thank you!

I'd appreciate it if you drop me a note whenever you happen to apply
a patch to something I wrote, -- I now notice that you have a few
Makefile patches to my PAM modules and I'll probably apply those for
later versions.

As for your integration of bcrypt password hashing, I notice that you
don't currently have support for specifying the iteration counts.  I
think this is something to correct, either by enhancing pam_unix2 even
further or by migrating to pam_tcb.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]