Hi, On Wednesday 02 November 2005 09:04, Christian Perrier wrote: > The attached patch documents the password preseeding, including the "new" > ways to preseed passwords as of shadow 4.0.13-1, which is now in testing.
Thanks.
> I'm not very used to the writing style of the Installation Guide. This is
> why I did not commit the change immediately as it probably needs a review.
Looked good to me, besides this:
Three remarks about the 2nd paragraph: (quoted now for easier reference)
+<para condition="etch">
+The passwords can also be preseeded as MD5 <emphasis>hashes</emphasis>
+by using the <classname>passwd/root-password-crypted</classname> and
+<classname>passwd/user-password-crypted</classname> variables. Thihs
+method is considered slightly better in terms of security but not
+completely proof as well because physical access to a MD5 </para> hash
+allows for brute force attacks. Some people even consider this method
+can be less secure as it may give a false sense of security.
+</para>
1. typo: Thihs
2. s/Some people even consider this method can be less secure as it may give a
false sense of security./Some people consider this method problematic as it
may give a false sense of security./
Maybe its even sensible to write it even shorter: "This method is considered
slightly better in terms of security but it might also give a false sense of
security because physical access to a MD5 hash allows for brute force
attacks."
3. I believe the </para> after the 2nd MD5 is wrong.
regards,
Holger
pgpLzxMnnG2JA.pgp
Description: PGP signature
