User: Password:
Subscribe / Log in / New account

Shadow hardening

Shadow hardening

Posted Mar 22, 2012 18:47 UTC (Thu) by RobSeace (subscriber, #4435)
Parent article: Shadow hardening

> The principle advantage is that Blowfish can be configured to use as many
> set-up rounds as desired when generating the hash; thus administrators can
> increase the number of rounds over time to make attacks more and more
> computationally expensive as processor power increases.

How is that an advantage over SHA-*? They can also do the same thing:

(Log in to post comments)

Shadow hardening

Posted Mar 29, 2012 8:00 UTC (Thu) by chojrak11 (guest, #52056) [Link]

Exactly. Here is the shadow entry with SHA-512 and custom number of rounds:


here the PAM configuration:
password required obscure sha512 rounds=100000

and login.conf:

After the admin increase number of rounds, next password change will adapt the setting.

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds