On Tue, 28 May 2013, Andreas Meile wrote: > I tried that out on a lab system where I replaced pam_unix.so into > pam_unix2.so inside both common-auth and common-password config > files. > > Result: The system nows recognizes all $2a$ (Blowfish) password > hashes but does not longer accepts $6$ (SHA-512) password now.
Use both at the same time to check credentials, and only pam_unix to change credentials (to migrate to sha-512 over time). But be very careful on how you stack them, or you will create a nasty security hole. I strongly suggest you do a very through reading of the PAM documentation before you attempt this. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130531011850.ga32...@khazad-dum.debian.net
