Subject: /etc/passwd.conf
To: None <tech-security@netbsd.org>
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
List: tech-security
Date: 08/05/2003 22:30:57
given that DES is crackable in 3 seconds, i would like to propose the
following change. you can still use DES password entries, it only
affects newly-created entries (like by passwd(1)). what do people
think? (ypcipher is kept to "old" for backward compat)
itojun
Index: passwd.conf
===================================================================
RCS file: /cvsroot/src/etc/passwd.conf,v
retrieving revision 1.2
diff -u -r1.2 passwd.conf
--- passwd.conf 2002/04/15 07:48:00 1.2
+++ passwd.conf 2003/08/05 13:28:58
@@ -4,6 +4,6 @@
# password configuration file
#
-#default:
-# localcipher = md5
-# ypcipher = old
+default:
+ localcipher = blowfish,7
+ ypcipher = old