The gshadow command does not use MD5 encryption for the passwords it generates, even on systems configured to use MD5 encryption for /etc/shadow This bug is also present in hampton beta 1
I've changed this bug report to be against the beta as it contains beta NDA information. All NDA related information should be only found in bug reports filed under the beta.
Changing back to 7.2, as this bug is present there and that's where it was noticed and affecting users.
this bug is still present in 7.3 gold
Is gshadow still in the distro?
The /etc/gshadow file is still there, and passwords set in it (using the gpasswd command) are still being put in DES-encrypted, not MD5-encrypted
Forgot to add myself to Cc
Still true with fedora core The significance of this bug is that it prevents group-level passwords from working at all on systems which are using MD5 in /etc/shadow
This issue does no longer affect current Fedora versions (7+). Red Hat Enterprise Linux up to version 5 are affected. However, this issue does not seem to prevent usage of group passwords on system with MD5 enabled, at least on Red Hat Enterprise Linux 4 or later. Due to the minimal security impact of this issue, it will not be treated as security fix. I'm proposing as normal bugfix for inclusion in Red Hat Enterprise Linux 5.
there isn't gshadow command in RHEL. I have tried gpasswd to change group password and the hash in /etc/gshadow looks like "$1$3vIyT/lS$SZXS1spQucMqBmI5POabP1", so I suppose it's a MD5 password.