When MD5 passwords have been enabled, chpasswd doesn't detect this and keeps making normal DES 8 character one. [root@newblack /root]# useradd testuser [root@newblack /root]# passwd testuser Changing password for user testuser New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfuly [root@newblack /root]# grep testuser /etc/shadow testuser:$1$A.TWky7$K6CQwzI2gBESw13SlaWBd0:10899:0:99999:7:- 1:-1:1345345 [root@newblack /root]# chpasswd testuser:somepass [root@newblack /root]# !grep grep testuser /etc/shadow testuser:0wuPb0XucJRXA:10899:0:99999:7:::13435344 [root@newblack /root]# userdel testuser
most of shadow utils doesnt deal with MD5 passwds usermod -p useradd -p etc In these cases it only imports the first 8 characters of the string
nalin: looks like these need PAM-ification. You own shadow-utils now. :(
Bug still exists in Red Hat Linux 8.0. Pretty sure it is in Phoebe also.
This bug is still not resolved in RedHat 9 or even in the Severn beta. Yet a simple fix exists that works on RedHat 9 or Severn at least: Modify /etc/login.defs to contain this line: MD5_CRYPT_ENAB yes Please add this line when MD5 passwords are selected, it should be a trivial fix and improves password security.