Re: FW: Force passwordcheck in login.conf

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Bret S. Lambert

Subject: Re: FW: Force passwordcheck in login.conf

Date: Thursday, October 14, 2010 - 7:26 am

On Thu, Oct 14, 2010 at 10:16:12AM -0400, Brad Tilley wrote:
quoted text> Stuart VanZee wrote:
> > For 8.5.12 see login.conf man page, look for passwordcheck.
> > You will have to write (or find) a program that keeps track
> > of previously used passwords.  I just stored a hash of them
> > in a file and have it check to see if the new password hash
> > matches any of the old 4 password hashes.
> 
> I considered that as a possible solution as well, but it seems that
> approach would weaken the security of the passwords, especially if you
> just use an unsalted hash (md5 or sah1) to store them.

You could use blowfish to store them; the code already exists
in the openbsd base. Storing multiple previous passwords has
always seemed gratuitous to me, but we're not discussing technical
merits, just technical solutions to management fiats...

quoted text> 
> Brad

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

FW: Force passwordcheck in login.conf, Stuart VanZee, (Thu Oct 14, 5:31 am)

Re: FW: Force passwordcheck in login.conf, Brad Tilley, (Thu Oct 14, 7:16 am)

Re: FW: Force passwordcheck in login.conf, Bret S. Lambert, (Thu Oct 14, 7:26 am)


linux-kernel:
Rafael J. Wysocki	[Bug #11559] 2.6.27-rc6: nohz + s2ram = need to press keys to get progress
Grant Grundler	Re: [patch] e1000=y && e1000e=m regression fix (was: Re: [regression] e100...
Christoph Lameter	Re: [bug] SLUB + mm/slab.c boot crash in -rc9
Jeremy Fitzhardinge	Re: [2.6.25] compat VDSO option not disabling
Jörn	Re: [00/41] Large Blocksize Support V7 (adds memmap support)
git:
Pat Thoyts	[PATCH] git-gui: use themed tk widgets with Tk 8.5
Stephan Beyer	Re: git sequencer prototype
Frans Pop	'git gc --aggressive' effectively unusable
Lynn Lin	Re: clearcase migration to git
Johannes Schindelin	Re: [PATCH 2/3] unpack-trees: fix path search bug in verify_absent
linux-netdev:
William Allen Simpson	[net-next-2.6 PATCH v8 0/7] TCPCT part 1: cookie option exchange
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
David Miller	Re: [PATCH 2/2] macb: process the RX ring regardless of interrupt status
David Woodhouse	Re: [bug?] tg3: Failed to load firmware "tigon/tg3_tso.bin"
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
git-commits-head:
Linux Kernel Mailing List	sparc64: Fix sun4u execute bit check in TSB I-TLB load.
Linux Kernel Mailing List	init: Open /dev/console from rootfs
Linux Kernel Mailing List	x86 boot: only pick up additional EFI memmap if add_efi_memmap flag
Linux Kernel Mailing List	Remove empty comment in acpi/power.c
Linux Kernel Mailing List	udp: fix for unicast RX path optimization
openbsd-misc:
nixlists	Re: Which laptops do the developers use?
L. V. Lammert	OT, .. but has anyone seen a crontab editor
Nick Holland	Re: Upgrade 4.1->4.2->4.3
Siju George	Re: Blocking Teamviewer
Henning Brauer	Re: pf: reassemble tcp