On Tue, 2006-09-12 at 14:37 +0100, Philip Hazel wrote:
> However, the first question is: should any change be made? I don't
> recall anybody reporting problems, and I suspect that the world is
> moving on to other encryption methods such as {sha1} these days.

I think it's more common to stick to {crypt}, but crypt(3c) is more
clever these days and is extensible in itself.  from /etc/shadow on a
typical Linux system:


as you can see, it's longer than the traditional crypt strings, and it's
separated into fields with dollar signs.  $1 means use the algorithm
"salted MD5", the salt comes next, and finally the crypted password.
*BSD and Solaris supports this scheme, too.  (I think it actually
originated on FreeBSD, but don't shoot me if that's the wrong

I don't think you should worry too much about bigcrypt and other weird
extensions.  just make sure you pass along the _whole_ password to
crypt(3c), not just the first 8 characters.  crypt(3c) will chop off
excess characters itself if need be.

Kjetil T.

## List details at http://www.exim.org/mailman/listinfo/exim-dev Exim details 
at http://www.exim.org/ ##

Reply via email to