On Wed, 9 Jan 2008, Jeremy Sanders wrote: > Hi - > > Does anyone know how to change an existing NIS server from using DES-style > passwords to MD5 passwords? Is it possible to continue running with both > types of passwords, asking users to upgrade as they are ready? > > I've tried running > > authconfig --enablemd5 > > on the server and client, but this didn't seem to help very much.
Um, no, that's not going to do very much. Since 3des and md5 are trapdoor algorithms there's no way to extract the plaintext password from one of them to translate it to the other. At the very least you'll have to set up a mechanism to hash new passwords into md5 and then ask all your users to change their passwords. Doing this 'in place' on existing infrastructure may not be a good idea. You'll likely want to deploy new servers, etc. to serve the new maps. Also, you might consider what kinds of clients are consuming these maps. Linux got md5 words pretty early IIRC but if you have any older Solaris or HP-UX machines, for example, they may not be able to use md5 passwords. -Deke _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
