[CentOS] 6.2 and login.defs

Thu Dec 22 14:49:17 UTC 2011
John Doe <jdmls at yahoo.com>

From: Stephen Harris <lists at spuddy.org>

> If you look at "man 3 crypt" you'll see the same function is used 
> to generate all the different types of encryption; the difference is 
> the "salt" value.  When you try to login the system will see (based 
> on your shadow entry) what the current password is encrypted with 
> and will use the same salt to encrypt your typed-in password.
> In this way the password file can contain traditional DES, MD5 and
> SHA512 at the same time (for different users, obviously).  So "root"
> could be SHA512, "fred" could be MD5 and "harry" could be 
> DES, and
> they'll all work.
> login.defs merely defines how _new_ passwords are encrypted (when you run
> the passwd command).

Thanks for the info!