Hi Stan,
On 15 Apr 2021, at 4:23, Finn Thain wrote:
Most of that is probably password hashing. Look in /etc/shadow and
you'll
probably find long password hashes. If you're not worried about weak
hashes, you could switch to DES which is probably what A/UX uses. See
'man
login.defs' and 'man 3 crypt'.
BTW, if your password hashes are never leaked or your actual passwords
are
guessable anyway then I don't see much benefit from SHA512.
FTR, I'm not advocating guessable passwords and weak hashes. But if
you
want to try it, I hear that 12345 is very popular:
$ perl -e 'print crypt("12345","xx")."\n"'
xxwddmriJc5TI
When I had similar problems on a Mac LCII, I've switched the password
hashing scheme from SHA512 (5000 Rounds) to MD5 with
ENCRYPT_METHOD MD5
in /etc/login.defs and
password [success=1 default=ignore] pam_unix.so obscure md5
in /etc/pam.d/common-password
After changing this setting, make sure to set a new password for the
users that you use. The password string in /etc/shadow should now look
like this
user:$1$LJE/eegi$OnIQXGTyEwh2q8rhyJssw/:18732:0:99999:7:::
instead of this (SHA512)
user:$6$ThsKWiJWXD8NRyVk$4jC4Rmn9.SoHFou7w84VOYgTshzyvbz2zIBgDbozbzC5CfYw8Dipihsrd8HC5oNob2OjTun.2dDl0KU4c5lO51:18732:0:99999:7:::
Greetings
Carsten
