[rhelv6-list] Password Hashing and Rounds
Damian Gerow
dgerow at afflictions.org
Thu Nov 29 12:53:07 UTC 2012
I've just spent the morning trying to familiarize myself a bit more with password
management, as it relates to the hashing algorithm, and the impact of
changing the number of rounds. I've learned a fair bit, but there's one
thing outstanding that I'm a bit puzzled over:
login.defs and libuser.conf both support parameters that impact the number
of rounds, but nothing seems to pay attention to them. pam_unix supports a
'rounds=' parameter, and this does alter password hashing behaviours.
However, 'authconfig' does *not* have an option/parameter for 'rounds', so
any time it is run, it will over-write the manually-configured 'rounds='
option passwd to pam_unix.
Is there a reason that 'authconfig' doesn't support setting the number of
rounds? Or that the rounds options set in login.defs and/or libuser.conf are
ignored?
More information about the rhelv6-list
mailing list