Package: whois
Version: 5.5.10
Severity: important
X-Debbugs-Cc: gerrit.huebb...@gesis.org

Dear Maintainer,

`mkpasswd --method=help` lists `yescrypt` as an available method. _Yescrypt_ 
(prefix `$y$`) is Debian 11's default passwd hashing algorithm.

The following commands will work, asking for a password, using a generated 
salt, and outputting in storage format (see `man 5 crypt`):
* `mkpasswd --method=yescrypt`
* `mkpasswd --method='$y$'`
* `mkpasswd # defaults to Yescrypt`

The following commands providing a salt will FAIL with `Wrong salt length: 16 
bytes when 0 expected.`:
* `mkpasswd --method=yescrypt --salt=1234567890123456`
* `mkpasswd --method='$y$' --salt=1234567890123456`
* `mkpasswd --salt=1234567890123456`

Therefore, it seems that currently, it's not possible to verify a 
yescrypt-based / Debian 11 user password by comparing `mkpasswd --salt=...`
with e.g. the output from `getent shadow $SOME_USERNAME`.

-- System Information:
Debian Release: 11.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-10-amd64 (SMP w/64 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages whois depends on:
ii  libc6      2.31-13+deb11u2
ii  libcrypt1  1:4.4.18-4
ii  libidn2-0  2.3.0-5

whois recommends no packages.

whois suggests no packages.

-- no debconf information
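
The check the report is after, comparing a password with the `$y$` field from `getent shadow`, can be done by handing the stored hash back to crypt(3) as its setting, because that string already carries the parameters and the salt. This is an added example, not part of the original report or of the whois package; the shadow line is constructed, and `verify` assumes a system libcrypt built with yescrypt support.

```python
import ctypes
import ctypes.util
import hmac
import re

# Shape of a yescrypt hash as documented in crypt(5): $y$<params>$<salt>$<hash>
YESCRYPT_RE = re.compile(
    r"^(?P<setting>\$y\$(?P<params>[./A-Za-z0-9]+)\$(?P<salt>[./A-Za-z0-9]{0,86}))"
    r"\$(?P<digest>[./A-Za-z0-9]{43})$"
)

# Constructed shadow(5) line; the hash field is made up and matches no real password.
SAMPLE_SHADOW_LINE = (
    "alice:$y$j9T$" + "abcdefghijklmnopqrstu." + "$" + "A" * 43 + ":19000:0:99999:7:::"
)


def hash_field(shadow_line):
    """Return the second colon-separated field of a shadow(5) entry."""
    return shadow_line.rstrip("\n").split(":")[1]


def split_yescrypt(stored):
    """Split a stored yescrypt hash into setting, params, salt and digest."""
    m = YESCRYPT_RE.match(stored)
    if m is None:
        raise ValueError("not a yescrypt ($y$) hash")
    return m.groupdict()


def verify(password, stored):
    """Recompute crypt(password, stored) with the system libcrypt and compare."""
    split_yescrypt(stored)  # rejects locked ("!", "*") and non-yescrypt fields early
    path = ctypes.util.find_library("crypt")
    if path is None:
        raise OSError("libcrypt not found")
    lib = ctypes.CDLL(path)
    lib.crypt.restype = ctypes.c_char_p
    lib.crypt.argtypes = [ctypes.c_char_p, ctypes.c_char_p]
    # crypt(3) accepts a previously hashed passphrase as the setting argument.
    result = lib.crypt(password.encode(), stored.encode())
    # On failure crypt(3) returns NULL or a token that starts with "*".
    if result is None or result.startswith(b"*"):
        return False
    return hmac.compare_digest(result, stored.encode())
```

Reading another user's shadow entry requires root; `verify` compares in constant time and returns `False` when libcrypt cannot compute the hash.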
