4176 – root password hash remains weak after selecting MD5 hash

Bug 4176 - root password hash remains weak after selecting MD5 hash

Summary: root password hash remains weak after selecting MD5 hash

Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	installer
Sub Component:
Version:	6.0
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	David Lawrence
QA Contact:
Docs Contact:
URL:
Whiteboard:
Keywords:	Security
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	1999-07-23 12:49 UTC by mommi
Modified:	2008-05-01 15:37 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:
Doc Text:	(edit)
Clone Of:
Environment:	(edit)
Last Closed:	1999-07-29 07:01:08 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description mommi 1999-07-23 12:49:22 UTC

root password hash remains weak after selecting MD5
hash. /etc/shadow has a very short hash of root password
and long hashes of (ordinary) users added afterwards. This
must be documented so root remembers to change his password
after install to get the stronger hash.

Comment 1 Cristian Gafton 1999-07-29 07:01:59 UTC

This is because the change in the authentication policies comes after
we set the root password. We will address this problem in the next
release.

Note You need to log in before you can comment on or make changes to this bug.