[CentOS] 6.2 and login.defs

Thu Dec 22 11:40:41 UTC 2011
Reindl Harald <h.reindl at thelounge.net>

On 22.12.2011 12:30, John Doe wrote:
> Hi,
> After the 6.2 upgrade, the new /etc/login.defs has:
> ENCRYPT_METHOD SHA512 instead of MD5Is it safe to just apply the change?
> Will my current MD5 passwords in /etc/passwd still work and only new passwords will be SHA512?
> Or are they automatically "converted" (rehashed) to SHA512?

i THINK and be pretty sure that it is safe because rehashing
is NOT possible in any way and ENCRYPT says how crypting should
be done, not that decrypting will only be done this way

> are they automatically "converted" (rehashed) to SHA512?

this is technically impossible on any system and in any context
the definition of a hash is NOT INVERTABLE and you would need
the plaintext-version to generate another hash type

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20111222/3950d30d/attachment-0005.sig>