tech-crypto archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Changing the default localcipher in passwd.conf to argon2id
On Sun, Oct 31, 2021 at 04:45:59PM -0700, Alistair Crooks wrote:
> Or is the intent to discuss this in retrospect?
Is the concern primarily with it not being in a release?
I'm not really certain how I could address it, other than a prerequisite
waiting a few years. It's true that existing passwords won't be affected
until they're regenerated, and people who are updating etc with etcupdate
will get a prior warning that some configuration is changing. Updating
etc in any other way seems like it will get you nasty surprises
regardless :/
Something that now occurs to me is that the error feedback from passwd
is not good at all if an unspecified cipher is used:
Couldn't generate salt.
Unable to change auth token: Error in service module
but this may be down to limitations in the crypt interface.
Home |
Main Index |
Thread Index |
Old Index