itojun@iijlab.net writes:

> >This is a very important consideration.  I like to be able to copy
> >passwd lines between NetBSD and FreeBSD, for example.
> 
> 	even if you set passwd.conf to blowfish, you can put MD5 passwd line
> 	in /etc/passwd.  passwd.conf determines the default cipher when
> 	*creating* passwd entries.

I realize this.  But if the default is blowfish, I can't copy to
places that don't implement it.

> 	please read this.
> 	http://www.usenix.org/events/usenix99/provos/provos_html/
> 	Niels Provos and David Mazie`res, "A Future-Adaptable Password Scheme",
> 	1999 USENIX Annual Technical Conference

Thanks for the reference.

Also, perhaps NetBSD 1.6-stable should get support for the new bcrypt
option before it becomes the default in -current.  It would seem
unfortunate to me if copying a passwd line from a -current box to a
-stable box resulted in a non-working account.

-- 
        Greg Troxel <gdt@ir.bbn.com>