>Number:         18474
>Category:       bin
>Synopsis:       useradd/usermod fails with new MD5 passwords
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 29 20:26:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Douglas Wade Needham
>Release:        NetBSD 1.6
>Organization:
>Environment:
System: NetBSD cyteen 1.6 NetBSD 1.6 (GENERIC) #0: Sun Sep 8 19:43:40 UTC 2002 autobuild@tgm.daemon.org:/autobuild/i386/OBJ/autobuild/src/sys/arch/i386/compile/GENERIC i386
Architecture:i386
Machine: i386
>Description:
        useradd/usermod does not permit the use of the new MD5
	checksums when adding accounts.  Problem appears to also
	extend into the other user utilities due to common code.
>How-To-Repeat:

Example commands (note, passwords are munged for security, supply your own):
        usermod -s /bin/ksh -p '$1%mS2grPST$/xwNZFb6QENgP4fmzVkaB0' root
        useradd -u 100 -g staff -G wheel \
                -c "Douglas Wade Needham,,," \
                -p '$1$5IRDRAnb$DldpYJcjZcz39rQo52PAy0'
                cinnion
>Fix:
	Workaround is to manually set/change password with the
	password command.

        Fix will likely be to add code to usr.sbin/user/user.c to
	handle passwords of either 13 or 34 characters in length.
	However, exact fix is unavailable at this time (still setting
	up my 1.6 based build environment).

>Release-Note:
>Audit-Trail:
>Unformatted: