authconfig = NIS, MD5, Shadow but passwords get stored as DES?

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Installation - Getting started with Red Hat Linux

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	Subject: application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	Subject: X Windows problem (xauth)
•	Subject: Upgrading openoffice 1 1 rpm
•	Subject: FTP: connection refused
•	Subject: FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	Subject: broadcom network interface
•	make mrproper
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	sendmail configuration on redhat
•	kernel 2 6 and /dev/sound/mixer not found
•	Subject: Promise 378 controller
•	Subject: Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	Subject: Lotus Notes under Wine
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	rpm database corrupt
•	Command stream end of file while reading
•	qla2300 modules

authconfig = NIS, MD5, Shadow but passwords get stored as DES?

authconfig = NIS, MD5, Shadow but passwords get stored as DES?

2004-05-19 - By Andreas Lund

Back

I'm trying to get a farm of RH Linux servers to use NIS, mostly for the
purpose of having uid/gid names match across NFS shares. Unfortunately, I've
come across all sorts of WEIRD problems.

One of those problems is that when changing passwords, they are now stored
using DES rather than MD5. Coupled with the fact that NIS makes it quite easy
to get your hands on the hashes, this makes me very uncomfortable. And
confused. Can anyone explain to me why the MD5 keyword is being ignored?

Here is the /etc/pam.d/passwd file:
#%PAM-1 (See http://PAM-1.ora-code.com).0
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth

And the /etc/pam.d/system-auth file:
#%PAM-1 (See http://PAM-1.ora-code.com).0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth required /lib/security/pam_deny.so

account required /lib/security/pam_unix.so

password required /lib/security/pam_cracklib.so retry=3 type=
password sufficient /lib/security/pam_unix.so nullok use_authtok md5
shadow nis
password required /lib/security/pam_deny.so

session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so

I've been spending hours trying to google for a solution, all I've come up
with is that Solaris doesn't support MD5... but I have a 100% RH Linux farm so
this shouldn't affect me, right?

--
Andreas Lund (floyd@(protected))
Tel: +47 90.07.71.62 / +47 63.88.33.56
Ano-Tech Computers (http://www.atc.no/)
** He had a baseball bat and I was tied to a chair.
** Pissing him off was the smart thing to do. -- Max Payne

__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Valhalla-list mailing list
Valhalla-list@(protected)
https://www.redhat.com/mailman/listinfo/valhalla-list