Package: libpam-modules Version: 1.4.0-11 Followup-For: Bug #1001353 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
After some additional testing (the mkpasswd utilitity was helpful as well), I discovered that settings of the rounds parameter from 1 to 11 actually do make a difference for the shadow file. With rounds=11 I got the following: bminton:$y$jFT$XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:19073:0:99999:7::: That hash actually took about half a second to calculate: time echo 'asdf asdf'|passwd bminton New password: Retype new password: passwd: password updated successfully real 0m0.637s user 0m0.535s sys 0m0.088s So, I propose that this is a documentation issue. The valid range of the rounds parameter should be documented. - -- System Information: Debian Release: bookworm/sid APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'stable-security'), (400, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-11-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_USER Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libpam-modules depends on: ii debconf [debconf-2.0] 1.5.79 ii libaudit1 1:3.0.6-1+b1 ii libc6 2.33-7 ii libcrypt1 1:4.4.27-1.1 ii libdb5.3 5.3.28+dfsg1-0.8 ii libnsl2 1.3.0-2 ii libpam-modules-bin 1.4.0-11 ii libpam0g 1.4.0-11 ii libselinux1 3.3-1+b1 ii libtirpc3 1.3.2-2 libpam-modules recommends no packages. libpam-modules suggests no packages. - -- debconf information: libpam-modules/deprecate-tally: libpam-modules/profiles-disabled: * libpam-modules/disable-screensaver: -----BEGIN PGP SIGNATURE----- iHUEAREIAB0WIQT5xLt2Dng/DewQpoprjrOgZc+6qQUCYjnqTQAKCRBrjrOgZc+6 qSeUAP9l7LdaNHwUTGKkCA5gG1ldDFURkaUo66Q0YgucQdHu1AD7B+olID3isq8V QBUdvzUhpo3v1aM3cB5yQqdvqvJiJSk= =H6Y2 -----END PGP SIGNATURE-----
