Hi Derek, On 2026-04-29T11:01:15-0400, Derek Martin wrote: > 3. No even vaguely modern system still uses MD5 in /etc/shadow anyway.
Actually, shadow still supports MD5, and still defaults to DES. I'm working at the moment on removing support for it in a future release, and default to SHA512. <https://github.com/shadow-maint/shadow/pull/1454> <https://github.com/shadow-maint/shadow/pull/1457> <https://github.com/shadow-maint/shadow/pull/1456> <https://github.com/shadow-maint/shadow/pull/1455> In fact, support for SHA256/SHA512 was only conditionally compiled until now; I've made it mandatory for the next release. <https://github.com/shadow-maint/shadow/pull/1452> However, I expect that everyone was compiling it with support for SHA*, and setting it in their configuration to use it instead of DES. > Historically MD5 hashes are encoded as the ascii-hexified values of > the bytes (e.g. a value of 255 will be represented by the string > "ff"). Thanks! This confirms what I was suspecting after other messages. > However on modern systems, MD5 is no longer used at all in > /etc/shadow. The modern format actually allows for multiple different > hashes to be used simultaneously, and which hash is used is encoded in > the password field itself. Typically this is now SHA2-256 or > SHA2-512, though I believe the latest (non-LTS) versions use something > called yescrypt, which FWIW I have never seen used in any other > context. The actual hash portion is base64-encoded. Hmmmm, thanks! So it has changed. Interesting! > However, a better question is, should Mutt support CRAM-MD5 *at all*? > MD5 is broken and hence no longer used for authentication on any > modern system. Unless IMAP4/SASL can't work without it (which I don't > know, but that would surprise me) then probably what should actually > happen here is that CRAM-MD5 support should be compiled out entirely > by default, and only compiled in if the user configures it expressly, > with ample documentation in the configure script help that you really > shouldn't be using that... +1 > It's probably somewhat likely that the reason this hasn't come up > before is because no one is using it anyway. Users who for some > reason must use SASL are probably using something like SCRAM-SHA-256 > or Kerberos, and everyone else is using TLS. Have a lovely night! Alex -- <https://www.alejandro-colomar.es>
signature.asc
Description: PGP signature
