Project

General

Profile

Bug #9096

passwords (policy.conf) should default to sha512

Added by Rich Lowe over 1 year ago. Updated about 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
system data
Start date:
2018-02-10
Due date:
% Done:

100%

Estimated time:
Difficulty:
Bite-size
Tags:
needs-triage

Description

currently they're at sha256. There's no reason not to default to sha512.

History

#1

Updated by Ryan England 5 months ago

  • Assignee set to Ryan England
#2

Updated by Ryan England 4 months ago

The current configuration generates passwords using sha256.

ryan@openindiana:/code/illumos-gate$ sudo passwd test1
New Password: 
Re-enter new Password: 
passwd: password successfully changed for test1
ryan@openindiana:/code/illumos-gate$ sudo grep test1 /etc/shadow
test1:$5$pbWT57pX$QVmU7JcEtqgyd9rKaxG1RrQU/0Ob7fux03rxjE7VnJ1:18050::::::
#3

Updated by Ryan England 4 months ago

The new configuration generates passwords using sha512.

ryan@openindiana:~$ sudo passwd test2
New Password: 
Re-enter new Password: 
passwd: password successfully changed for test2
ryan@openindiana:~$ sudo grep test2 /etc/shadow
test2:$6$aXCY1k5a$RBNqxxyXeoL6vgYPBq./bNAFTwfw6I9q.7f4v.DwIgjt8ouXRbie.SL7fSX.iLyZogqEoNr2MNbdMiPZHKXys0:18051::::::
#4

Updated by Electric Monk about 2 months ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

git commit a9370e9f996b7ce61bb1a9612a0625161a922320

commit  a9370e9f996b7ce61bb1a9612a0625161a922320
Author: Ryan C. England <rcengland@gmail.com>
Date:   2019-08-20T14:37:14.000Z

    9096 passwords (policy.conf) should default to sha512
    Reviewed by: Peter Tribble <peter.tribble@gmail.com>
    Reviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>
    Reviewed by: Toomas Soome <tsoome@me.com>
    Approved by: Dan McDonald <danmcd@joyent.com>

Also available in: Atom PDF