>
> On Fri, 29 Sep 2000, jack wrote:
>
> > On Sep 28 Kris Kennaway wrote:
> >
> > > On Thu, 28 Sep 2000, Jim Mercer wrote:
> > >
> > > > the reason i ask, is that if people cvsup without seeing or noticing this,
> > > > they may not realize until too late that the new passwords are md5.
> > > >
> > > > anyone using nis with non-freebsd systems might get really upset.
> > >
> > > It should have been documented. It still can be :-)
> >
> > A change of this magnitude to default system behavior should have
> > been preceded by a HEADS UP to the stable list, IMO. Would have
> > saved me several hours of aggravation.
>
> As someone who works in an environment where NIS is widely used with
> non-FreeBSD systems, I would comment that the current defaults (at least,
> change in them) are a disaster, especially given that they weren't
> documented. It was confusing enough before when I had to make sure (by
> phone, mind you) that people installed the DES support to get NIS to work.
> Now the defaults have magically switched, and in a way that wasn't
> documented. Joy. Maybe we should update ERRATA or the release notes for
> 4.1.1-RELEASE to make sure it's in there, and send out a formal note to
> -stable and possibly -announce. While I fortunately heard about this here
> first, I would frankly hate to have spent hours and hours remotely
> debugging a change that could potentially make it difficult for people to
> log in, and then propagated MD5 passwords into a DES password environment.
It was documented in login_cap(3). Now it's also documented in login.cap(5)
and yp(4). There weren't any complaints about it before, so there was no way
to know into the future that people wouldn't know what to do. I think the
right thing to do is to update the release notes and send an announcement to
-STABLE.
> The benefit of the old behavior was that, for FreeBSD to work in a mixed
> environment with NIS, DES had to be installed, meaning that DES would be
> the default for passwords. This was an implicit effect of allowing
> portable use of NIS. I wonder if there would be any way to force users of
> NIS to submit passwords using DES by default? The current framework
> doesn't seem to support or encourage that in a way that can be "default"
> and yet safe for normal use.
You had to install DES and _then_ add the +:::::::: line. Now there's one
more step. Do you find this unreasonable for more secure defaults? DES
passwords work under the assumption that there's just no way to get
master.passwd or (for NIS) sniff the wire/add untrusted machines, and are
quite trivial to crack, as you know. Other systems still using DES are just
about as protected as the first Unix systems that stored only cleartext
passwords.
--
Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! /
[EMAIL PROTECTED] `------------------------------'
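As an added illustration, not part of the thread, here is a small Python check for the mixed-environment problem discussed above: it reads master.passwd(5)-style lines (or a `ypcat passwd` dump) and reports which users carry MD5-crypt hashes that DES-only NIS clients cannot verify. The sample lines are constructed, and the classification also flags other `$`-prefixed modular crypt formats, which goes slightly beyond the DES/MD5 case in the thread.

```python
import re
from typing import Dict, List

# Constructed sample in master.passwd(5) format (not taken from the original thread).
# Fields: name:password:uid:gid:class:change:expire:gecos:home:shell
SAMPLE_MASTER_PASSWD = """\
root:$1$abcdefgh$ijklmnopqrstuvwxyz0123:0:0::0:0:Charlie &:/root:/bin/csh
alice:AbCdEfGhIjKlM:1001:1001::0:0:Alice:/home/alice:/bin/sh
bob:$1$saltsalt$0123456789abcdefghijkl:1002:1002::0:0:Bob:/home/bob:/bin/sh
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
+:::::::::
"""

# Traditional DES crypt(3): exactly 13 characters from the crypt alphabet.
_DES_RE = re.compile(r'^[./0-9A-Za-z]{13}$')


def hash_format(field: str) -> str:
    """Classify a crypt(3) password field by its encoding."""
    if field == '':
        return 'empty'            # no password at all
    if field.startswith(('*', '!')):
        return 'locked'           # account cannot log in with a password
    if field.startswith('$1$'):
        return 'md5'              # MD5-crypt, the new FreeBSD default in the thread
    if _DES_RE.match(field):
        return 'des'              # classic DES, what non-FreeBSD NIS clients expect
    if field.startswith('$'):
        return 'other-modular'    # some other modular crypt format
    return 'unknown'


def audit_passwd(text: str) -> Dict[str, List[str]]:
    """Group user names by hash format; skip comments and NIS '+'/'-' map entries."""
    report: Dict[str, List[str]] = {}
    for line in text.splitlines():
        if not line or line.startswith(('#', '+', '-')):
            continue
        fields = line.split(':')
        if len(fields) < 2:
            continue
        report.setdefault(hash_format(fields[1]), []).append(fields[0])
    return report


def des_incompatible(text: str) -> List[str]:
    """Users whose hashes a DES-only NIS client cannot verify."""
    report = audit_passwd(text)
    return sorted(report.get('md5', []) + report.get('other-modular', []))
```

Run the audit against the server's master.passwd before pushing a map so that MD5 entries are caught before they reach DES-only clients.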