Bug 33537

Summary:	request: improved password hashing scheme
Product:	Gentoo Linux	Reporter:	Eric Harney <eharney>
Component:	[OLD] Core system	Assignee:	PAM Gentoo Team (OBSOLETE) <pam-bugs+disabled>
Status:	RESOLVED LATER
Severity:	enhancement	CC:	azarah, solar
Priority:	High
Version:	unspecified
Hardware:	All
OS:	All
URL:	http://www.openwall.com/crypt/
Whiteboard:
Package list:		Runtime testing required:	---

Description Eric Harney 2003-11-14 22:26:33 UTC

I think it would be worthwhile for Gentoo to look into implementing a "modern" password hashing scheme such as this one.  Having password hashes that are more difficult to attack (require more cpu power) just add one more thing to help make everything more secure.

Comment 1 Robin Johnson archtester

2003-11-14 22:36:24 UTC

solar: This is your code. If it can be integrated without breaking anything, I'd like it too.

Comment 2 Martin Schlemmer (RETIRED) gentoo-dev

2003-11-16 15:02:00 UTC

I have not looked at it, but I guess the most important question is - does
it rely on additional libs ?

Comment 3 solar (RETIRED) gentoo-dev

2003-11-21 14:59:07 UTC

Re: Additional Comment #1 
I think you might have me confused with Solar Designer solar@openwall.
I'm not him, nor is he I.

Anyway as you are wanting this support I'll bounce this bug to
you. Reassign to pam-bugs if more appropriate.

Comment 4 Robin Johnson archtester

2003-11-30 03:41:21 UTC

pam people need to evaluate carefully.

Comment 5 Eric Harney 2003-12-02 08:03:55 UTC

This may be another useful, and possibly simpler option for adding a feature like this: (supports blowfish)

http://www.thkukuk.de/pam/pam_unix2/

Comment 6 Diego Elio Pettenò (RETIRED) gentoo-dev

2006-04-21 08:31:13 UTC

This is non trivial to resolve, and pam_unix2 really looks simpler to achieve.
Closing as LATER until someone can work it out in an "ebuildable" manner without touching glibc.