MD5 Support

[senaque at thepla.net]

Hi folks,

I'm wondering, have any of you 'successfully' implemented MD5+shadow support in 
FAI?

By this I mean on the client installation (NFSROOT is not that important in most cases 
as its just a temporary vehicle for installation). 

I've just started having a look into it, and gosh, there is a lot involved. Basically in 
/fai/classes/DEFAULT.var, implementing a passwordtype=md5|des option then the 
rootpw would look different depending on this. This would also involve:

*  The use of a program similar to implement something similar to the 'makepasswd' 
package to generate the md5 string "fai". I've had a look for something like this but the 
only similar program I could find is a function used internally in base-config, or rather 
the passwd package config (/var/lib/dpkg/info/passwd.config) which I intend to modify 
for this purpose.

* A different set of packages? (pam, shadow, etc)

* A way to inform the system (pam etc) to use md5 instead of des

Has anyone toyed with this before? Is there an easier way? Is it possible to simplify 
this dramatically by just changing some settings in /fai/files/etc/* and/or modifying 
base.tgz? Perhaps umm supplying some passwd.settings for dpkg-reconfigure 
passwd?

I don't believe it's a waste of time because truly the MD5 (long length passwords) are 
much more secure than regular DES.

Ideas, comments and suggestions are _very_ welcome :-) It's looking to be a huge 
task and any help is good help, particularly since I'm not as familiar with dpkg/debconf 
as I want/should be!

Senaque.

---
E-MAIL: senaque at thepla.net
IRC: #FAI @ irc.freenode.net
WWW: http://www.sf.net/users/senaque/