[CentOS] Shadow passwords NOT md5'ed ?

Stephen Harris lists at spuddy.org
Sun Apr 5 13:00:36 UTC 2009


I have may missed this in all the traffic, but has anyone checked the
PAM entry?  This is what actually counts; the other files are used by
administrative tools to configure PAM

% grep ^password /etc/pam.d/system-auth
password    requisite     pam_cracklib.so try_first_pass retry=3
password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok
password    required      pam_deny.so


The "md5" word there is what tells the password command to use md5 encryption

-- 

rgds
Stephen


More information about the CentOS mailing list