cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-06-30 17:20:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
4d2cbcadc51d7294391b3485373e643b8a3fbb21
packages/utils/shadow/patches/005-set-encrypt-method-sha512.patch
T
Karel Kočí 38c0db06bd shadow: change default encryption method from DES to SHA512 
Busybox in default uses SHA512 as well.

On big ditribution this default is sourced from PAM. That means that
shadow reads pam settings and uses that. OpenWrt in most cases does not
have PAM installed and in such case shadow fallbacks to its own default
which is DES. This just changes that default to SHA512 which is
consistent with rest of the system.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit f27ce05a58)
2019-12-21 21:53:08 +01:00

12 lines
301 B
Diff
Raw Blame History

--- a/etc/login.defs
+++ b/etc/login.defs
@@ -317,7 +317,7 @@ CHFN_RESTRICT rwh
# Note: If you use PAM, it is recommended to use a value consistent with
# the PAM modules configuration.
#
-#ENCRYPT_METHOD DES
+ENCRYPT_METHOD SHA512
#
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
Reference in New Issue View Git Blame Copy Permalink