On 07/08/2010 12:50 PM, Toni Mueller wrote:


Hi,


On Thu, 08.07.2010 at 11:39:35 +0200, Stefan Hornburg (Racke)<[email protected]> 
 wrote:
Where does it say that it takes password() encrypted passwords?

on this page:
http://download.pureftpd.org/pub/pure-ftpd/doc/README.MySQL

I read:

------- cut
- The user's password, in plaintext, MD5, crypt()ed or MySQL's password()
format. Pure-FTPd also accepts the "any" value for the MySQLCrypt field.
With "any", all hashing functions (not plaintext) are tried.
------- cut


* RECOMMENDATION: On Solaris systems and on very old C libraries, use MySQL
MD5 hashing. On all other systems, better use crypt(), which adds a salt.
Avoid password() whoose hash function is rather weak, not portable, and it is
supposed to be only used for internal accounts of MySQL servers. password() is
no more supported by Pure-FTPd with MySQL 4.1.0 and later.

Case closed.

Still thanks for the interesting report. I never knew that Pure-FTPd did support
the password() encryption scheme.

Regards
         Racke


--
LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team




--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to