Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 33537 - request: improved password hashing scheme
Summary: request: improved password hashing scheme
Status: RESOLVED LATER
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: All All
: High enhancement (vote)
Assignee: PAM Gentoo Team (OBSOLETE)
URL: http://www.openwall.com/crypt/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-11-14 22:26 UTC by Eric Harney
Modified: 2006-04-21 08:31 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Eric Harney 2003-11-14 22:26:33 UTC 
I think it would be worthwhile for Gentoo to look into implementing a "modern" password hashing scheme such as this one.  Having password hashes that are more difficult to attack (require more cpu power) just add one more thing to help make everything more secure.
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2003-11-14 22:36:24 UTC 
solar: This is your code. If it can be integrated without breaking anything, I'd like it too.
Comment 2 Martin Schlemmer (RETIRED) gentoo-dev 2003-11-16 15:02:00 UTC 
I have not looked at it, but I guess the most important question is - does
it rely on additional libs ?
Comment 3 solar (RETIRED) gentoo-dev 2003-11-21 14:59:07 UTC 
Re: Additional Comment #1 
I think you might have me confused with Solar Designer solar@openwall.
I'm not him, nor is he I.

Anyway as you are wanting this support I'll bounce this bug to
you. Reassign to pam-bugs if more appropriate.
Comment 4 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2003-11-30 03:41:21 UTC 
pam people need to evaluate carefully.
Comment 5 Eric Harney 2003-12-02 08:03:55 UTC 
This may be another useful, and possibly simpler option for adding a feature like this: (supports blowfish)

http://www.thkukuk.de/pam/pam_unix2/
Comment 6 Diego Elio Pettenò (RETIRED) gentoo-dev 2006-04-21 08:31:13 UTC 
This is non trivial to resolve, and pam_unix2 really looks simpler to achieve.
Closing as LATER until someone can work it out in an "ebuildable" manner without touching glibc.