DaemonForums  

Go Back   DaemonForums > NetBSD > NetBSD Security

NetBSD Security Securing NetBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 8th January 2011
Stranger Stranger is offline
New User
 
Join Date: Jan 2011
Posts: 4
Default BSD Hashes

hey guys, i'm making a FAQ about system hashes, and i need your help
could you please tell me what type of hashes are used in NetBSD and PC-BSD systems(for crypting users passwords)? thank you again!
Reply With Quote
  #2   (View Single Post)  
Old 8th January 2011
classicmanpro's Avatar
classicmanpro classicmanpro is offline
Real Name: Turea Alexandru Teodor
Fdisk Soldier
 
Join Date: Oct 2010
Location: Sinaia, Romania
Posts: 51
Post

Figure 3.34. Selecting a password encryption scheme.
__________________
A daemon in need is a daemon indeed.
Reply With Quote
  #3   (View Single Post)  
Old 8th January 2011
Stranger Stranger is offline
New User
 
Join Date: Jan 2011
Posts: 4
Default

2 classicmanpro

thank you very much, i hope i'll find an answer for PC-BSD too
Reply With Quote
  #4   (View Single Post)  
Old 8th January 2011
Stranger Stranger is offline
New User
 
Join Date: Jan 2011
Posts: 4
Default

one more question

"Figure 3.34. Selecting a password encryption scheme"

1) DES
2) MD5
3) Blowfish
4) SHA1

which SHA1 hash they mean? sha-512 or sha-256?
Reply With Quote
  #5   (View Single Post)  
Old 8th January 2011
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

SHA1 clearly indicates that it is not SHA256 or SHA512, notice the 1?
Reply With Quote
  #6   (View Single Post)  
Old 8th January 2011
Stranger Stranger is offline
New User
 
Join Date: Jan 2011
Posts: 4
Default

Quote:
Originally Posted by BSDfan666 View Post
SHA1 clearly indicates that it is not SHA256 or SHA512, notice the 1?
i see, it's just strange that NetBSD will use clear sha1 instead of sha512/256

thanks for help.
Reply With Quote
  #7   (View Single Post)  
Old 8th January 2011
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

Why is it odd? if the user has root access.. they can still attempt to brute force the password hashes regardless of key size, simple passwords will still be easy to find.

Remote security is generally considered more important, if you want to be safe, I'd recommend blowfish with more rounds.. and enforce a minimum password length.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:04 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick