Kevin Kofler wrote: > Ashley M. Kirchner wrote: >> We have an old RH7.3 server that holds all of our user accounts. >> I'm in the process of upgrading everything to FC10 and looking at >> /etc/shadow I'm noticing some differences in the way the passwords are >> encrypted/stored. > > Different hashing algorithms. (The new one is more secure.) > >> I tried simply copying the old shadow file to a new FC10 server and >> it seems to work just fine, however I wonder if I'm not breaking >> something else by doing that. So, what's the proper way to do this? I >> really don't want to have to reset everyone's password (at least not >> till they reach their forced expiration.) > > There's no way to convert the passwords automatically as the hashes used are > not reversible by design (otherwise it would just be cheap obfuscation and > add no real security). > > Kevin Kofler > You could always try expiring the password early. Try it with your own password, and see if changing it converts it to the new hash... I seam to remember reading something about that working, but I am a bit hazy about it. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Description: OpenPGP digital signature