On 01/28/10 23:44, Mike Andrews:
all my password hashes are in the format "$2a$04$salthash" -- with the "04"
being the (default) number of rounds of Blowfish to run

There is probably a login.conf knob to raise the default number of
rounds beyond 2^4.

No. The standard way of password change flows through pam_unix.c.

It calls crypt(new_pass, salt), where salt is a pseudo-random sequence. As such a salt doesn't start with a magic, the default algorithm is selected. If it is blowfish, then crypt_blowfish(key, salt) is called.

As the random salt doesn't start with the $2a$ magic, it is not considered to be a '$2a$nn$salt'-like string. Then the default number (04) is used all the time.

                                                Dan
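
As an added example (not part of the original message and not FreeBSD code): a small Python audit that reads the cost field out of "$2a$NN$..." hashes in master.passwd-style lines and lists accounts whose round count is below a site minimum, such as the 04 discussed above. The sample lines, the hash bodies and the minimum of 10 are constructed assumptions.

```python
import re

# bcrypt modular-crypt string:
#   $2<variant>$<two-digit log2 rounds>$<22-char salt><31-char hash>
BCRYPT_RE = re.compile(r"^\$2[abxy]?\$(\d{2})\$[./A-Za-z0-9]{53}$")

MIN_LOG_ROUNDS = 10  # assumed site policy, not a value from the thread


def bcrypt_log_rounds(hash_field):
    """Return the log2 round count of a bcrypt hash, or None if not bcrypt."""
    m = BCRYPT_RE.match(hash_field)
    return int(m.group(1)) if m else None


def audit(passwd_lines, min_log_rounds=MIN_LOG_ROUNDS):
    """Return (user, log_rounds) for bcrypt hashes below the minimum."""
    weak = []
    for line in passwd_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue  # malformed line, nothing to inspect
        cost = bcrypt_log_rounds(fields[1])
        # Locked ("*") and non-bcrypt entries return None and are skipped.
        if cost is not None and cost < min_log_rounds:
            weak.append((fields[0], cost))
    return weak


# Constructed sample input: the 53-character hash bodies are filler, not real hashes.
BODY = "A" * 22 + "B" * 31
SAMPLE = [
    "# constructed master.passwd-style lines",
    f"alice:$2a$04${BODY}:1001:1001::0:0:Alice:/home/alice:/bin/sh",
    f"bob:$2a$12${BODY}:1002:1002::0:0:Bob:/home/bob:/bin/sh",
    "carol:$6$saltsalt$notbcrypt:1003:1003::0:0:Carol:/home/carol:/bin/sh",
    "daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin",
]

if __name__ == "__main__":
    for user, cost in audit(SAMPLE):
        print(f"{user}: bcrypt cost 2^{cost} is below 2^{MIN_LOG_ROUNDS}")
```
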