* libmisc/salt.c: The salt has a random size (between 8 and 16
bytes). * lib/getdef.c, etc/login.defs: Add definitions for SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS. * libmisc/salt.c: Use SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS to add a random number of rounds if needed.
This commit is contained in:
nekral-guest
@@ -288,6 +288,22 @@ CHFN_RESTRICT rwh
|
||||
#
|
||||
#ENCRYPT_METHOD DES
|
||||
|
||||
#
|
||||
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
|
||||
#
|
||||
# Define the number of SHA rounds.
|
||||
# With a lot of rounds, it is more difficult to brute forcing the password.
|
||||
# But note also that it more CPU resources will be needed to authenticate
|
||||
# users.
|
||||
#
|
||||
# If not specified, the libc will choose the default number of rounds (5000).
|
||||
# The values must be inside the 1000-999999999 range.
|
||||
# If only one of the MIN or MAX values is set, then this value will be used.
|
||||
# If MIN > MAX, the highest value will be used.
|
||||
#
|
||||
# SHA_CRYPT_MIN_ROUNDS 5000
|
||||
# SHA_CRYPT_MAX_ROUNDS 5000
|
||||
|
||||
#
|
||||
# List of groups to add to the user's supplementary group set
|
||||
# when logging in on the console (as determined by the CONSOLE
|
||||
|
||||
Reference in New Issue
Block a user