Bug 1119289
Summary: | pam_userdb works only with DES-crypt despite crypt() supporting other hash algorithms too | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Marcel Kolaja <mkolaja> |
Component: | pam | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED ERRATA | QA Contact: | Dalibor Pospíšil <dapospis> |
Severity: | low | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.5 | CC: | dapospis, tmraz |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | pam-1.1.1-19.el6 | Doc Type: | Bug Fix |
Doc Text: |
Cause:
pam_userdb too strictly handled the call to the crypt() function not expecting modern crypt hash formats.
Consequence:
pam_userdb was not able to support any other hash algorithms supported by glibc for the user password hashes.
Fix:
The code handling the crypt() function call was improved.
Result:
pam_userdb module now supports any password hash formats supported by the glibc crypt() function.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2014-10-14 08:10:13 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Marcel Kolaja
2014-07-14 12:43:33 UTC
Rather than fixing the documentation the code should be fixed with backport of the code changes from RHEL-7. You can easily create a SHA512 hashed password with python script: import crypt crypt.crypt('<password>', '<salt>') Where salt is $6$<any-16-random-characters>$' Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1579.html |