[OpenWrt-Devel] r46816, remove unused crypt() algorithms -> switch to sha512?

Etienne Champetier champetier.etienne at gmail.com
Mon Sep 14 18:22:29 EDT 2015

Hi Felix,

Maybe we should keep sha512 and switch to it? md5 is not best security
practice these days.
I've checked, ubuntu 14.04 and fedora 22 both use sha512 in /etc/shadow

I wonder if AF_ALG can be of any interest here (integrate needed algo by
default into the kernel, then patch core software to use kernel

To conclude maybe you should emit a clear error when we try a now
unsupported hash,
because crypt can be used by other app, so maybe you just broke another app
and someone will waste a good amount of time debugging it

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20150915/1cb30b20/attachment.htm>
-------------- next part --------------
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list