Roman Morokutti wrote: >> Do you have both CRYPT_ALGORITHMS_ALLOW and >> CRYPT_ALGORITHMS_DEPRECATE >> set as well as CRYPT_DEFAULT ? > > No. At the moment not, and as you described below > I won't do it. > > > >> What values are they set to ? > > I have set CRYPT_DEFAULTto md5 (Sun's implementation) > and CRYPT_ALGORITHMS_ALLOW is set to 1,2a,md5 > and CRYPT_ALGORITHMS_DEPRICATE is not set. > > > >> Well I wrote the code :-) > > Great. Then you surely can answer my next question: > > After changing policy.conf is it possible to edit the password > by changing it with the old one to take effect of the md5 > algorithm? Or do I have to specify a new one?
If you do the change as root you by pass the "password complexity" checks and can reset the password using the same value. If you do it as a normal user it will need to be a new password. -- Darren J Moffat
