[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

[PATCH] Use SHA-512 for password encoding by default.

From: David Cantrell <dcantrell redhat com>
To: anaconda-devel-list redhat com
Cc:
Subject: [PATCH] Use SHA-512 for password encoding by default.
Date: Tue, 19 Feb 2008 17:18:23 -1000

Encode passwords using SHA-512 by default.  Users can override
this in a Kickstart file using the 'auth' command.  The options
below determine the algorithm used:

    --enablemd5  -or-  --passalgo=md5        MD5
    --passalgo=sha256                        SHA-256
    --passalgo=sha512                        SHA-512

The previous default was MD5.  glibc now supports SHA-256 and
SHA-512, so we are using the strongest of those choices by
default now.
---
 instdata.py |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/instdata.py b/instdata.py
index 5fde6d3..e1b9159 100644
--- a/instdata.py
+++ b/instdata.py
@@ -72,7 +72,7 @@ class InstallData:
         self.timezone.setTimezoneInfo(self.instLanguage.getDefaultTimeZone())
         self.users = None
         self.rootPassword = { "isCrypted": False, "password": "", "lock": False }
-	self.auth = "--enableshadow --enablemd5"
+	self.auth = "--enableshadow --passalgo=sha512"
 	self.desktop = desktop.Desktop()
         self.upgrade = None
         if flags.cmdline.has_key("doupgrade"):
-- 
1.5.4.1

Follow-Ups:
- Re: [PATCH] Use SHA-512 for password encoding by default.
  - From: Niels de Vos

References:
- [PATCH] new password algos - take 2
  - From: David Cantrell

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]