[CentOS] How to enable SHA1 passwords after migration from OpenSUSE?

Andreas Pedersen alofflambas at gmail.com
Fri Jun 27 13:47:42 UTC 2008

On Fri, Jun 27, 2008 at 2:03 PM, Papalagi Pakeha
<papalagi.pakeha at gmail.com> wrote:
> On Fri, Jun 27, 2008 at 12:11 PM, Andreas Pedersen
> <alofflambas at gmail.com> wrote:
>> On Thu, Jun 26, 2008 at 2:05 PM, Papalagi Pakeha
>> <papalagi.pakeha at gmail.com> wrote:
>>> Hi there!
>>> I have recently migrated my old server from OpenSUSE 10.0 to CentOS 5.
>>> Almost everything works great, except for one thing - user passwords.
>>> In the old system they were in a form:
>>> root:$2a$05$9V.P3/KV2fd0r/O8hs0gNueaidF35edj3DL6skb32qZJNpvwVHiUO:12183:0:99999:7:::
>>> and that format doesn't seem to be understood by CentOS. When I change
>>> the password I get something like:
>>> root:$1$Z0HGYkIb$fbkW0gR6c.k7rENE1NlzE0:14055:0:99999:7:::
>>> Note the encrypted password begins with $2a$... in OpenSUSE while in
>>> CentOS it starts with $1$... CentOS passwords (MD5?) are understood by
>>> OpenSUSE but OpenSUSE passwords (SHA1?) are not understood by CentOS.
>> First: '$2a' is not SHA1 its Blowfish.
>> I belive you need libxcrypt support, I'm not sure just google fast I
>> hope this will help you.
>> # OpenSUSE 10.2 box
>> $ ldd /lib/security/pam_unix2.so
> I can't find pam_unix2 for CentOS. It's doesn't seem to be in any of
> the repos I know of. Any hint as where to get hold of it?

show all pam packages
$ rpm -qa \*pam\*
list files for pam
$ rpm -ql pam

I believe you need to rebuild pam modules (pam_unix2), see arch wiki.

Quote: "You must download libxcrypt PKGBUILD and build it. That's
because libcrypt from glibc only supports md5 and DES algorithms,
which we don't want."

> PaPa
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

More information about the CentOS mailing list