On Fri, Jun 8, 2012 at 9:06 AM, Maxim Khitrov <m...@mxcrypt.com> wrote: > On Fri, Jun 8, 2012 at 8:51 AM, Dag-Erling Smørgrav <d...@des.no> wrote: >> We still have MD5 as our default password hash, even though known-hash >> attacks against MD5 are relatively easy these days. We've supported >> SHA256 and SHA512 for many years now, so how about making SHA512 the >> default instead of MD5, like on most Linux distributions? > > If SHA-2 hashes have been supported for many years, why haven't the > man pages been updated? login.conf(5) on 9.0-RELEASE still only lists > "des", "md5", and "blf". I've been using the latter on my systems.
Yes, I think at least listing all the supported algorithms in the login.conf man page is of utmost importance. I've been using blowfish since it was introduced to FreeBSD over 12 years ago, but I had no idea that any other algorithms were possible/available until now. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
