|
OpenBSD Security Functionally paranoid! |
|
Thread Tools | Display Modes |
|
|||
Questions about encrypt local passwords
Questions about encrypt local passwords
I would like know which encryption method is used by 'auto'. Encrypt local passwords using method of encryption as described in login.conf(5). If method is ``auto'', the encryption type will be derived from the user's login class. man 5 login.conf Default allowed authentication styles: auth-defaults:auth=password,skey Does is means that by default passwords local stores using the system s / key ? Which algorithm is used by system s/key the md4 or the md5? Note: For the moment I am using qemu for getting comfortable with openbsd. |
|
|||
Thanks for the clarification.
But i have another question: Quote:
In essence, by default, is assigned a more robust encoding in the case of execution of demons and slightly less for passwords? |
|
||||
The daemon class is used by /etc/rc and root.
I do not know the reason for the different number of rounds, I could only guess it is for performance. You're welcome to change ciphers, or change the number of rounds, as you wish. The encrypted passwords are stored in /etc/master.passwd which requires root access. (If root is compromised, passwords won't matter anyway.) There was a thread in the misc@ archives from December 2005, about the blowfish cipher and it's use. The thread also discusses other cipher technologies, including MD5. It starts here: http://marc.info/?l=openbsd-misc&m=113588769128789&w=2 |
|
|||
According to Wikipedia, blowfish is considerably resource intensive.. which makes brute force attacks especially hard.
I trust the OpenBSD developers have done us justice.. still, pick a long alpha-numeric password.. 20/30 characters in length if you're memorization skills are well honed. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Generating passwords with jot(1) | J65nko | Guides | 9 | 29th August 2014 01:03 PM |
Easiest Way to Encrypt /tmp | Oko | OpenBSD Security | 4 | 16th April 2009 08:13 PM |
local dns (dnsmasq) | bsdperson | FreeBSD Ports and Packages | 3 | 3rd September 2008 06:48 AM |
proxy : replace gif with local gif | milo974 | OpenBSD General | 4 | 17th July 2008 06:45 AM |
Generating random passwords on FreeBSD | erno | Guides | 3 | 8th May 2008 08:44 AM |