From nobody@FreeBSD.org  Thu Dec 21 02:18:23 2000
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 3B5D037B400
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 21 Dec 2000 02:18:23 -0800 (PST)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id eBLAINs35421;
	Thu, 21 Dec 2000 02:18:23 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200012211018.eBLAINs35421@freefall.freebsd.org>
Date: Thu, 21 Dec 2000 02:18:23 -0800 (PST)
From: dschultz@uclink.berkeley.edu
Sender: nobody@FreeBSD.org
To: freebsd-gnats-submit@FreeBSD.org
Subject: Changing from DES to MD5 passwords does not work properly
X-Send-Pr-Version: www-1.0

>Number:         23709
>Category:       misc
>Synopsis:       Changing from DES to MD5 passwords does not work properly
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 21 02:20:01 PST 2000
>Closed-Date:    Thu May 31 19:33:54 PDT 2001
>Last-Modified:  Thu May 31 19:34:35 PDT 2001
>Originator:     David Schultz
>Release:        4.1-RELEASE
>Organization:
>Environment:
N/A
>Description:
When passwd-format=md5 is added to the login.conf file of a system that uses DES passwords, DES passwords are still used for all accounts, even if users attempt to change their passwords with passwd. Evidently, once it's DES, it's always DES, regardless of what login.conf says.

There is a workaround below, but it would be nice if the docs reflected the true nature of this beast.
>How-To-Repeat:
-Install FreeBSD with libdescrypt
-Create an account
-Add passwd_format=md5 to login.conf under default
-Login to the account that was created and use passwd to change the password
-Login as root and cat master.passwd--- note that DES is still used.
>Fix:
Login as root and use vipw to set the user's encrypted password to $1$. Use passwd _username_ to set the password for that user again.

>Release-Note:
>Audit-Trail:

From: Fabrice Aneche <akh@nunix.net>
To: freebsd-gnats-submit@FreeBSD.org, dschultz@uclink.berkeley.edu
Cc:  
Subject: Re: misc/23709: Changing from DES to MD5 passwords does not work properly
Date: Wed, 25 Apr 2001 21:19:57 +0200

 Now in 4.3-RELEASE,  login.conf is already set to :
 
 default:\
         :passwd_format=md5:\
 
 
 But it doesn't work at all ... if you set it to des :it crypts in md5 ,
 and if you install crypto and change your libcrypt to libdescrypt , it's
 the same it crypts only in des .
 
State-Changed-From-To: open->closed 
State-Changed-By: dd 
State-Changed-When: Thu May 31 19:33:54 PDT 2001 
State-Changed-Why:  
Quite a few changes in this area have been made since 4.1; please try 4.3 
and report back if you have problems. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=23709 
>Unformatted:
