Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 6711 - chpasswd doesn't do MD5 passwords
Summary: chpasswd doesn't do MD5 passwords
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: shadow-utils
Version: 9
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Eido Inoue
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-11-04 09:03 UTC by tom
Modified: 2007-04-18 16:24 UTC (History)
2 users (show)

Fixed In Version: 4.0.4.1-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-09-16 22:16:57 UTC


Attachments (Terms of Use)

Description tom 1999-11-04 09:03:50 UTC
When MD5 passwords have been enabled, chpasswd doesn't
detect this and keeps making normal DES 8 character one.

[root@newblack /root]# useradd testuser
[root@newblack /root]# passwd testuser
Changing password for user testuser
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfuly
[root@newblack /root]# grep testuser /etc/shadow
testuser:$1$A.TWky7$K6CQwzI2gBESw13SlaWBd0:10899:0:99999:7:-
1:-1:1345345
[root@newblack /root]# chpasswd
testuser:somepass
[root@newblack /root]# !grep
grep testuser /etc/shadow
testuser:0wuPb0XucJRXA:10899:0:99999:7:::13435344
[root@newblack /root]# userdel testuser

Comment 1 Stephen John Smoogen 2000-04-25 20:45:59 UTC
most of shadow utils doesnt deal with MD5 passwds
usermod -p
useradd -p
etc

In these cases it only imports the first 8 characters of the string

Comment 2 Preston Brown 2000-07-13 19:06:56 UTC
nalin: looks like these need PAM-ification.  You own shadow-utils now. :(

Comment 3 Stephen John Smoogen 2003-01-24 18:54:02 UTC
Bug still exists in Red Hat Linux 8.0. Pretty sure it is in Phoebe also.

Comment 4 Per Steinar Iversen 2003-08-29 13:14:50 UTC
This bug is still not resolved in RedHat 9 or even in the Severn beta. Yet a
simple fix exists that works on RedHat 9 or Severn at least: Modify
/etc/login.defs to contain this line:

MD5_CRYPT_ENAB  yes

Please add this line when MD5 passwords are selected, it should be a trivial fix
and improves password security.


Note You need to log in before you can comment on or make changes to this bug.