crypt function mode
Sudarshan Soma
sudarshan12s at gmail.com
Sun Apr 19 02:48:01 UTC 2009
On Fri, Apr 17, 2009 at 9:48 PM, Martin <inkubus at interalpha.co.uk> wrote:
> On Fri, 2009-04-17 at 12:00 -0400, pam-list-request at redhat.com wrote:
>
>> -------- Forwarded Message --------
>> From: Sudarshan Soma <sudarshan12s at gmail.com>
>> Reply-To: Pluggable Authentication Modules <pam-list at redhat.com>
>> To: Pluggable Authentication Modules <pam-list at redhat.com>
>> Subject: crypt function mode
>> Date: Fri, 17 Apr 2009 20:36:07 +0530
>>
>> Hi All,
>> Can anyone please let me know what block ciphers mode( Electronic
>> Codebook Mode (ECB) , Cipher Blockchaining Mode (CBC),..)
>> does the crypt function used in pam_unix use.
> It doesn't. These are for symmetric encryption, the crypt function uses
> them as a one way hash (that why the later versions use MD5).
>
[Pavan] Thanks Martin. I was bit confused when it says that crypt uses
modified form of DES algorithm
(http://en.wikipedia.org/wiki/Crypt_(Unix)#Modifications_of_the_traditional_scheme).
So these cipher modes are not applicable for storing/verifying
passwords using crypt. My requirement is to make passwds more secure.
I think enabling shadow passwds(using pwconv) and MD5 hashes
(etc/sysconfig/authconfig) would be enough as the first step.
>> Please suggest me any pointers , if this is more of the crypt function
>> question.
> You might try reading the code; it's about as good a description as any.
>
> Cheers,
> - Martin
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
More information about the Pam-list
mailing list