Description of problem: Default provisioning templates have hardcoded the password algorithm to sha256. So, even if a user selects sha512 as the password algorithm, the kickstart file will have the following line in the generated kickstart: auth --useshadow --passalgo=sha256 --kickstart Version-Release number of selected component (if applicable): From 6.2.0 and onwards. How reproducible: 100% Steps to Reproduce: 1. Try to provision a new Host and in the OS set the password algorithm to sah512 2. Either render the profiles of provision the host and check the anaconda.ks file Actual results: anaconda.ks contains the following line: auth --useshadow --passalgo=sha256 --kickstart Expected results: auth --useshadow --passalgo=sha512 --kickstart Additional info:
Thanks for the report. I believe this is already tracked under BZ 1372385 despite the title only mentions safe mode. The last step missing there is exactly what you suggest, the template should not hardcode sha256 but use the information from OS. The patch is available and is pending for review. I'm closing this and kindly ask you to follow the linked BZ. *** This bug has been marked as a duplicate of bug 1372385 ***