MD5 Support
Christophe Boyanique
tof at raceme.org
Tue Jan 28 10:14:16 CET 2003
Hi,
On Tue, 28 Jan 2003 senaque at thepla.net wrote:
> I'm wondering, have any of you 'successfully' implemented MD5+shadow
> support in FAI?
Yes I have :)
> * The use of a program similar to implement something similar to the
> 'makepasswd' package to generate the md5 string "fai". I've had a look
> for something like this but the only similar program I could find is a
> function used internally in base-config, or rather the passwd package
> config (/var/lib/dpkg/info/passwd.config) which I intend to modify for
> this purpose.
Ok so here how I do and this is hacking:
1/ genreating a md5 password:
mkpasswd -H md5
tof at gryzor:~$ which mkpasswd
/usr/bin/mkpasswd
tof at gryzor:~$ dpkg -S /usr/bin/mkpasswd
whois: /usr/bin/mkpasswd
what the hell is mkpasswd doing in the whois package ? I don't know !
> * A different set of packages? (pam, shadow, etc)
Nope.
> * A way to inform the system (pam etc) to use md5 instead of des
Here it is:
# from /var/lib/dpkg/info/passwd.config:
# Turn shadow passwords on
# after S20 which sets root passwd
chroot $target shadowconfig on
# Turn MD5 passwords on
for file in $target/etc/pam.d/*; do
if [ -e $file ]; then
if ! egrep -q "^password.*pam_(unix|ldap)\.so.*md5"
$file ; then
sed 's/^\(password.*\)/\1 md5/' \
< $file > $file.new
mv -f $file.new $file
fi
fi
done
This is hack but this is working.
Christophe.
More information about the linux-fai
mailing list