Bug 6711 - chpasswd doesn't do MD5 passwords
chpasswd doesn't do MD5 passwords
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: shadow-utils (Show other bugs)
9
All Linux
medium Severity medium
: ---
: ---
Assigned To: Eido Inoue
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 1999-11-04 04:03 EST by tom
Modified: 2007-04-18 12:24 EDT (History)
2 users (show)

See Also:
Fixed In Version: 4.0.4.1-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-09-16 18:16:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description tom 1999-11-04 04:03:50 EST
When MD5 passwords have been enabled, chpasswd doesn't
detect this and keeps making normal DES 8 character one.

[root@newblack /root]# useradd testuser
[root@newblack /root]# passwd testuser
Changing password for user testuser
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfuly
[root@newblack /root]# grep testuser /etc/shadow
testuser:$1$A.TWky7$K6CQwzI2gBESw13SlaWBd0:10899:0:99999:7:-
1:-1:1345345
[root@newblack /root]# chpasswd
testuser:somepass
[root@newblack /root]# !grep
grep testuser /etc/shadow
testuser:0wuPb0XucJRXA:10899:0:99999:7:::13435344
[root@newblack /root]# userdel testuser
Comment 1 Stephen John Smoogen 2000-04-25 16:45:59 EDT
most of shadow utils doesnt deal with MD5 passwds
usermod -p
useradd -p
etc

In these cases it only imports the first 8 characters of the string
Comment 2 Preston Brown 2000-07-13 15:06:56 EDT
nalin: looks like these need PAM-ification.  You own shadow-utils now. :(
Comment 3 Stephen John Smoogen 2003-01-24 13:54:02 EST
Bug still exists in Red Hat Linux 8.0. Pretty sure it is in Phoebe also.
Comment 4 Per Steinar Iversen 2003-08-29 09:14:50 EDT
This bug is still not resolved in RedHat 9 or even in the Severn beta. Yet a
simple fix exists that works on RedHat 9 or Severn at least: Modify
/etc/login.defs to contain this line:

MD5_CRYPT_ENAB  yes

Please add this line when MD5 passwords are selected, it should be a trivial fix
and improves password security.

Note You need to log in before you can comment on or make changes to this bug.