[rhelv6-list] Password Hashing and Rounds
Stephen John Smoogen
smooge at gmail.com
Sat Dec 1 00:54:34 UTC 2012
On 29 November 2012 05:53, Damian Gerow <dgerow at afflictions.org> wrote:
> I've just spent the morning trying to familiarize myself a bit more with password
> management, as it relates to the hashing algorithm, and the impact of
> changing the number of rounds. I've learned a fair bit, but there's one
> thing outstanding that I'm a bit puzzled over:
>
> login.defs and libuser.conf both support parameters that impact the number
> of rounds, but nothing seems to pay attention to them. pam_unix supports a
> 'rounds=' parameter, and this does alter password hashing behaviours.
>
> However, 'authconfig' does *not* have an option/parameter for 'rounds', so
> any time it is run, it will over-write the manually-configured 'rounds='
> option passwd to pam_unix.
>
> Is there a reason that 'authconfig' doesn't support setting the number of
> rounds? Or that the rounds options set in login.defs and/or libuser.conf are
> ignored?
authconfig doesn't support setting a TON of features in various files.
It is meant mainly to do 90% of the configuration needs that people
need to get the system working in 90% of the environments. Outside of
that the number of options explodes exponentially and need to be
handled by the system administrator themselves.
> _______________________________________________
> rhelv6-list mailing list
> rhelv6-list at redhat.com
> https://www.redhat.com/mailman/listinfo/rhelv6-list
--
Stephen J Smoogen.
"Don't derail a useful feature for the 99% because you're not in it."
Linus Torvalds
"Years ago my mother used to say to me,... Elwood, you must be oh
so smart or oh so pleasant. Well, for years I was smart. I
recommend pleasant. You may quote me." —James Stewart as Elwood P. Dowd
More information about the rhelv6-list
mailing list