Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 6711 - chpasswd doesn't do MD5 passwords
Summary: chpasswd doesn't do MD5 passwords
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: shadow-utils
Version: 9
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Eido Inoue
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 1999-11-04 09:03 UTC by tom
Modified: 2007-04-18 16:24 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2004-09-16 22:16:57 UTC

Attachments (Terms of Use)

Description tom 1999-11-04 09:03:50 UTC
When MD5 passwords have been enabled, chpasswd doesn't
detect this and keeps making normal DES 8 character one.

[root@newblack /root]# useradd testuser
[root@newblack /root]# passwd testuser
Changing password for user testuser
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfuly
[root@newblack /root]# grep testuser /etc/shadow
[root@newblack /root]# chpasswd
[root@newblack /root]# !grep
grep testuser /etc/shadow
[root@newblack /root]# userdel testuser

Comment 1 Stephen John Smoogen 2000-04-25 20:45:59 UTC
most of shadow utils doesnt deal with MD5 passwds
usermod -p
useradd -p

In these cases it only imports the first 8 characters of the string

Comment 2 Preston Brown 2000-07-13 19:06:56 UTC
nalin: looks like these need PAM-ification.  You own shadow-utils now. :(

Comment 3 Stephen John Smoogen 2003-01-24 18:54:02 UTC
Bug still exists in Red Hat Linux 8.0. Pretty sure it is in Phoebe also.

Comment 4 Per Steinar Iversen 2003-08-29 13:14:50 UTC
This bug is still not resolved in RedHat 9 or even in the Severn beta. Yet a
simple fix exists that works on RedHat 9 or Severn at least: Modify
/etc/login.defs to contain this line:


Please add this line when MD5 passwords are selected, it should be a trivial fix
and improves password security.

Note You need to log in before you can comment on or make changes to this bug.