Changeset aea16f6
- Timestamp:
- 11/25/2022 08:30:45 AM (17 months ago)
- Branches:
- 11.3, 11.3-rc1, 12.0, 12.0-rc1, 12.1, 12.1-rc1, bdubbs/gcc13, multilib, renodr/libudev-from-systemd, trunk, xry111/arm64, xry111/arm64-12.0, xry111/clfs-ng, xry111/loongarch, xry111/loongarch-12.0, xry111/loongarch-12.1, xry111/mips64el, xry111/update-glibc
- Children:
- 295e337, 43063fe
- Parents:
- 9a23a75
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
chapter08/shadow.xml
r9a23a75 raea16f6 63 63 <emphasis>crypt</emphasis> method, use the more secure 64 64 <emphasis>SHA-512</emphasis> method of password encryption, which also 65 allows passwords longer than 8 characters. It is also necessary to change 65 allows passwords longer than 8 characters. In addition, set the number of 66 rounds to 500,000 instead of the default 5000, which is much too low to 67 prevent brute force password attacks. It is also necessary to change 66 68 the obsolete <filename class="directory">/var/spool/mail</filename> location 67 69 for user mailboxes that Shadow uses by default to the <filename … … 81 83 82 84 <screen><userinput remap="pre">sed -e 's:#ENCRYPT_METHOD DES:ENCRYPT_METHOD SHA512:' \ 85 -e 's@#\(SHA_CRYPT_..._ROUNDS 5000\)@\100@' \ 83 86 -e 's:/var/spool/mail:/var/mail:' \ 84 87 -e '/PATH=/{s@/sbin:@@;s@/bin:@@}' \
Note:
See TracChangeset
for help on using the changeset viewer.