Hello, I have a very weird problem on a CentOS 5.2 system. A few months ago, encrypted passwords in the shadow file were MD5'ed - allowing for long passwords, rather than only 8 characters max. Today, passwords are 3DES'ed only. No way to find how the system reverted to DES-encrypting. But what's more bothersome is we cannot get the system to go the MD5 way again, despite all our best efforts. Authconfig says this : pam_unix is always enabled shadow passwords are enabled password hashing algorithm is md5 So... where to look ? Tia, -- FdL
Fr?d?rique Da Luene wrote:> pam_unix is always enabled > shadow passwords are enabled > password hashing algorithm is md5Check /etc/sysconfig/authconfig for USEMD5=yes If that is there and you still get 3DES passwords, then, ummm, check that your /usr/bin/passwd is the one which is shipped with CentOS. Ralph -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20090402/55f3309b/attachment-0003.sig>
> Hello, > I have a very weird problem on a CentOS 5.2 system. A few months ago, encrypted passwords in the shadow file were MD5'ed - allowing for long passwords, rather than only 8 characters max. > Today, passwords are 3DES'ed only. No way to find how the system reverted to DES-encrypting. But what's more bothersome is we cannot get the system to go the MD5 way again, despite all our best efforts. > Authconfig says this : > > pam_unix is always enabled > shadow passwords are enabled > password hashing algorithm is md5 > > So... where to look ?Have you checked /etc/libuser.conf for crypt_style? pwck and grpck can verify integrity of the data in /etc/passwd /etc/group /etc/shadow /etc/gshadow.