Bug 173849 - chpasswd support for blowfish
Summary: chpasswd support for blowfish
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: shadow-utils (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Peter Vrabec
QA Contact: David Lawrence
URL: https://bugzilla.redhat.com/bugzilla/...
Whiteboard:
Keywords: FutureFeature
Depends On:
Blocks: 173002
TreeView+ depends on / blocked
 
Reported: 2005-11-21 21:11 UTC by Eric Moret
Modified: 2014-12-19 20:52 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-08 16:24:14 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Eric Moret 2005-11-21 21:11:21 UTC
Description of problem:

This bug is opened in relation to a feature request for support of blowfish
crypt in shadow/passwd files. chpasswd should support blowfish in addition to
md5 hash.

Cf: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173002

Comment 1 Peter Vrabec 2008-01-08 16:24:14 UTC
There is a sha256/512 support in the latest shadow-utils from rawhide. Patch 
was accepted by upstream.

http://people.redhat.com/drepper/SHA-crypt.txt

Comment 2 Jo Rhett 2014-12-19 20:52:52 UTC
This bug is closed because implementing it didn't solve a problem with a different, much weaker protocol? I beg to differ. Bcrypt solves every problem with SHA by removing its weak self entirely.

The fix for SHA did not solve this bug at all. Also, there is need for password synchronization across numerous infrastructures which any change to SHA did not solve.

This issue will be highlighted during our discussion with our sales rep for reasons why we won't be paying any more for Red Hat "support", if one can use the word that vaguely. Over the years we've learned that we're only paying for the privilege of being told what Red Hat can't be bothered to fix.


Note You need to log in before you can comment on or make changes to this bug.