I don't mind this if the eventual goal is to think about diddling with it per arch..
I certainly do NOT want a 2^11 blowfish password when logging into my sparc On 15 December 2010 21:33, Ted Unangst <ted.unan...@gmail.com> wrote: > On Wed, 15 Dec 2010, Ted Unangst wrote: > >> These values have not marched forward with the progress of time. For >> perspective, the last increase in bcrypt rounds was around the time we >> considered Monica Lewinsky a big scandal. > > OK, so let's table what the right values and just make the values > configurable. Then we can discuss moving up (or even down). > > Index: login.conf.in > =================================================================== > RCS file: /home/tedu/cvs/src/etc/login.conf.in,v > retrieving revision 1.2 > diff -u -r1.2 login.conf.in > --- login.conf.in 9 Jan 2007 10:20:12 -0000 1.2 > +++ login.conf.in 16 Dec 2010 04:28:42 -0000 > @@ -46,7 +46,7 @@ > :maxproc-c...@def_maxproc_cur@:\ > :openfiles-c...@def_openfiles_cur@:\ > :stacksize-cur=4M:\ > - :localcipher=blowfish,6:\ > + :localcipher=blowfish,@DEF_BLOWFISH_RNDS@:\ > :ypcipher=old:\ > :tc=auth-defaults:\ > :tc=auth-ftp-defaults: > @@ -62,7 +62,7 @@ > :maxproc=infinity:\ > :openfiles-cur=128:\ > :stacksize-cur=8M:\ > - :localcipher=blowfish,8:\ > + :localcipher=blowfish,@ROOT_BLOWFISH_RNDS@:\ > :tc=default: > > # > Index: mklogin.conf > =================================================================== > RCS file: /home/tedu/cvs/src/etc/mklogin.conf,v > retrieving revision 1.4 > diff -u -r1.4 mklogin.conf > --- mklogin.conf 24 Mar 2009 20:34:51 -0000 1.4 > +++ mklogin.conf 16 Dec 2010 04:30:28 -0000 > @@ -19,6 +19,8 @@ > values["STAFF_MAXPROC_MAX"]="512" > values["STAFF_MAXPROC_CUR"]="128" > values["STAFF_OPENFILES_CUR"]="128" > + values["DEF_BLOWFISH_RNDS"]="6" > + values["ROOT_BLOWFISH_RNDS"]="8" > > # Optional overrides > if (ARGC > 1) {