Changeset 38311c3 for chapter08/shadow.xml
- Timestamp:
- 12/01/2022 11:41:14 PM (17 months ago)
- Branches:
- 11.3, 11.3-rc1, 12.0, 12.0-rc1, 12.1, 12.1-rc1, bdubbs/gcc13, multilib, renodr/libudev-from-systemd, trunk, xry111/arm64, xry111/arm64-12.0, xry111/clfs-ng, xry111/loongarch, xry111/loongarch-12.0, xry111/loongarch-12.1, xry111/mips64el, xry111/update-glibc
- Children:
- a1bc9df, cabb60df
- Parents:
- 82e98d0 (diff), da6e70f (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)
links above to see all the changes relative to each parent. - File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
chapter08/shadow.xml
r82e98d0 r38311c3 63 63 <emphasis>crypt</emphasis> method, use the more secure 64 64 <emphasis>SHA-512</emphasis> method of password encryption, which also 65 allows passwords longer than 8 characters. It is also necessary to change 65 allows passwords longer than 8 characters. In addition, set the number of 66 rounds to 500,000 instead of the default 5000, which is much too low to 67 prevent brute force password attacks. It is also necessary to change 66 68 the obsolete <filename class="directory">/var/spool/mail</filename> location 67 69 for user mailboxes that Shadow uses by default to the <filename … … 81 83 82 84 <screen><userinput remap="pre">sed -e 's:#ENCRYPT_METHOD DES:ENCRYPT_METHOD SHA512:' \ 85 -e 's@#\(SHA_CRYPT_..._ROUNDS 5000\)@\100@' \ 83 86 -e 's:/var/spool/mail:/var/mail:' \ 84 87 -e '/PATH=/{s@/sbin:@@;s@/bin:@@}' \ … … 204 207 an ID equal to this number on your system, then the first time you use 205 208 <command>useradd</command> without the <parameter>-g</parameter> 206 parameter, an error message will be generated —<computeroutput>useradd:209 parameter, an error message will be generated—<computeroutput>useradd: 207 210 unknown GID 999</computeroutput>, 208 211 even though the account has been created correctly. That is why we
Note:
See TracChangeset
for help on using the changeset viewer.