Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
02-11-2006, 06:13 PM
|
#1
|
|
LQ Newbie
Registered: Feb 2006
Distribution: Ubuntu v5.1
Posts: 16
Rep: 
|
Password Encryption: DES, MD5, Blowfish.
Password Encryption: DES, MD5, Blowfish.
What should be considered when choosing Password Encryption format ?
Why do some distributions default to Blowfish when according to Linux Install DES is reported as Linux Default ?
What effect has the Password Encryption format when using Linux in multi operating systems environment. Let's say Linux, Windows, NetWare and MacOS.
What effect has the Password Encryption format when Linux network spans across North America, Europe, Asia and Africa ?
How can Password Encryption Format be changed after Linux system is already installed and configured ?
Are there other Password Encryption format beside DES, MD5, Blowfish ?
|
|
|
|
|
02-11-2006, 07:50 PM
|
#2
|
|
Senior Member
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625
Rep: 
|
When is it due?
|
|
|
|
|
02-12-2006, 01:17 AM
|
#3
|
|
Member
Registered: Jun 2005
Posts: 542
Rep:
|
Quote:
|
Originally Posted by swiadek
What should be considered when choosing Password Encryption format ?
|
Of the 3 algorithms mentioned, the one based on blowfish takes a longer time to brute-force. This is a plus. MD5 will no longer be considered an option for cryptographic use as it's known to be vulnerable.
Quote:
|
Why do some distributions default to Blowfish when according to Linux Install DES is reported as Linux Default ?
|
DES has been phased out. Some distributions use blowfish by default because it's better and both DES & MD5 are no longer considered secure.
Quote:
|
What effect has the Password Encryption format when using Linux in multi operating systems environment. Let's say Linux, Windows, NetWare and MacOS.
|
If it's used for authentication then there's no problem if it's centralized. You may then use LDAP, Kerberos, NIS, Samba... Another issue may be migration: if the new system doesn't understand the format, you have to reset passwords and make people introduce new ones.
Quote:
|
How can Password Encryption Format be changed after Linux system is already installed and configured ?
|
Yeah, it's possible. |
|
|
|
|
02-12-2006, 04:07 PM
|
#4
|
|
Member
Registered: Sep 2002
Posts: 310
Rep: 
|
Quote:
|
Originally Posted by Berhanie
When is it due?
|
LOL my thoughts exactly. Beat me to it  |
|
|
|
|
02-12-2006, 07:53 PM
|
#5
|
|
Senior Member
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: OpenBSD, Debian, FreeBSD
Posts: 1,450
Rep:
|
Quote:
|
Originally Posted by primo
MD5 will no longer be considered an option for cryptographic use as it's known to be vulnerable.
|
Do you have a reference for this as it relates to passwords? I would be interested in seeing it.
Please note: md5 passwords used for *nix are salted, I have a feeling you're referencing a MySQL issue or a file integrity issue, both of which are vastly different. If I am wrong, I really would be interested in seeing something about it.
Last edited by frob23; 02-12-2006 at 07:57 PM.
|
|
|
|
|
02-12-2006, 08:54 PM
|
#6
|
|
Senior Member
Registered: Dec 2003
Location: phnom penh
Distribution: Fedora
Posts: 1,625
Rep:
|
With MD5, people have found "collisions", i.e. two different files having the same MD5 hash. This is the reason some people are questioning it. As far as I know, noone has been able to start with a fixed (in the sense of mathematics) file A, and produce a different file B having the same MD5 hash.
|
|
|
|
|
02-12-2006, 09:04 PM
|
#7
|
|
Senior Member
Registered: Jan 2004
Location: Roughly 29.467N / 81.206W
Distribution: OpenBSD, Debian, FreeBSD
Posts: 1,450
Rep:
|
Quote:
|
Originally Posted by Berhanie
With MD5, people have found "collisions", i.e. two different files having the same MD5 hash. This is the reason some people are questioning it. As far as I know, noone has been able to start with a fixed (in the sense of mathematics) file A, and produce a different file B having the same MD5 hash.
|
Yes, I know this but file collisions are unrelated to passwords in many ways. File md5s are unsalted, the samples are much larger (giving more opportunity to "correct" for differences), and so on. If there is a report which investigated these concerns and found a reason to suspect md5 as insecure in passwords, I would like to see it.
While I do not place unfailable trust in any method of encryption, I have selected md5 passwords across my network (and other computers I have setup)... if there is a reason to change this, I would be interested in seeing it. I have looked myself after I first read the comment above but been unable to find anything on it. |
|
|
|
|
02-13-2006, 04:27 PM
|
#8
|
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
The forum rules do not posting of homework questions. Please visit http://www.linuxquestions.org/linux/rules.php for more information. Feel free to contact the forum admin if you have any questions about this policy.
I'm closing this thread |
|
|
|
All times are GMT -5. The time now is 04:42 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
