One of the coolest things FreeBSD has done is include a little intelligence in their DES crypt libraries. When checking a password (against the system password files or MySQL) the DES libraries determine whether they're checking a MD5 or DES password. Unfortanately, the reverse is not true. The MD5 libraries cannot check a DES password. FreeBSD's default behavior is to use MD5 passwords (excluding DES encryption) so in order to authenticate against both, you simply change the symlinks to the crypt libraries from the MD5 crypts to the DES ones. For more information, read up on FreeBSD web site. Just do a search on DES from their main page and you'll find it. Matt > -----Original Message----- > From: Chris Shenton [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 19, 2001 11:50 AM > To: Joe Modjeski > Cc: [EMAIL PROTECTED] > Subject: Re: FreeBSD Cryptography 101 - WAS - RE: vchkpw lacking > authenticatio n security > > > Joe Modjeski <[EMAIL PROTECTED]> writes: > > > crypt( 'joeblow', '$1$qKMDvF5y$bcpzwp1mNbCQuTQYvkkeX.'); for MD5 > > > > On FreeBSD the DES libraries. libdescrypt is the DES+MD5 > > library. > > > > Currently I have vpopmail+mysql authenticating successfully > for BOTH MD5 and DES passwords concurrently with no hitches. This is using > the libdescrypt library. > > Thanks for pointing that out. Did you have to do mods to the code to > get this to work, or tell it to link with libdescrypt instead of -- > what, normal "libcrypt"? > > Again, thanks for your clear examples (and lack of flamebait :-) >
