Re: Blowfish encryption for local passwords

[Thomas M Steenholdt <tmus tmus dk>]

Tomas Mraz wrote:
> On Sun, 2006-12-03 at 22:03 +0100, Thomas M Steenholdt wrote:
> > Hi guys,
> >
> > Is there a reason why fedora does not support blowfish (at least through 
> > the various included tools, system-config-authentication etc.) for 
> > password encryption?
> >  From my understanding, Blowfish provides encryption far superior to 
> > even MD5 and there should no license problems.
> > Even though MD5 might seem hard-enough-to-crack, why would we stop there?
> >
> > Also, it seems like supporting blowfish would not be very hard to 
> > implement in fedora, so why don't we?
> >
> > (and the unavoidable:) Other linux distros have Blowfish encryption for 
> > passwords ;-)
> >
> > Thanks
>
> We need support for blowfish directly in glibc or replace libcrypt from
> glibc with libxcrypt first. Then all other packages can be updated to
> support Blowfish.
>
> See:
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173002
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173834

Thanks - I've CC'ed myself on those bugs. Doesn't seem like there s much 
activity on them, though?? Perhaps the actual activity is going on 
elsewhere (cvs or such)?

Latest update for the respective bugs is january and may of this year?

/Thomas