Hey What's wrong with the blowfish hash?
Reading up on it the full 16 round cipher is unbroken, only 4 and 14 round versions can be broke. Regards Daniel On 1/4/09, O. Hartmann <[email protected]> wrote: > MD5 seems to be compromised by potential collision attacks. So I tried > to figure out how I can use another hash for security purposes when > hashing passwords for local users on a FreeBSD 7/8 box, like root or > local box administration. Looking at man login.conf reveals only three > possible hash algorithms selectable: md5 (recommended), des and blf. > Changing /etc/login.conf's tag > > default:\ > :passwd_format=sha1:\ > > > followed by a obligatory "cap_mkdb" seems to do something - changing > root's password results in different hashes when selecting different > hash algorithms like des, md5, sha1, blf or even sha256. > > Well, I never digged deep enough into the source code to reveal the > magic and truth, so I will ask here for some help. Is it possible to > change the md5-algorithm by default towards sha1 as recommended after > the md5-collisions has been published? > > Thanks in advance, > Oliver > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "[email protected]" > -- http://buymeahouse.stiw.org/ _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
