Dan Anderson wrote: > I assume SHA256 (5) was chosen over SHA512 (6) because SHA256 is more widely > available on other UNIX/Linux systems. True?
Both should be available on most system but it was purely a matter of how far we were willing to go. There is an overhead in going from SHA256 to SHA512 in the size of the output was well as the computation needed. The problem with SHA512 is the output string is > 100 chars in length. When I first integrated the extended crypt(3C) support into S9U2 I (stupidly) thought that 100 chars of password hash would be plently of space - turns out I was wrong! So an S9u2 system can't actually stor a SHA512 based hash without having libc patched, it can store a SHA256 one (just by porting that one standalone module over). Also SHA256 gives plenty of protection given that this isn't a simple hash or even simple HMAC-SHA256 but way more than that. -- Darren J Moffat
