Cloud image user passwords encrypted by md5 by default?
Sitsofe Wheeler
sitsofe at gmail.com
Sun Aug 2 11:44:55 UTC 2015
Hi Colin,
On 1 August 2015 at 14:41, Colin Walters <walters at verbum.org> wrote:
> On Sat, Aug 1, 2015, at 01:34 AM, Sitsofe Wheeler wrote:
>>
>> The regular Fedora 22 default for password encryption seems to be
>> SHA512 but I couldn't turn anything up as to why cloud images had made
>> this change. Could some explain why MD5 is used?
>
> This was just fixed:
>
> https://git.fedorahosted.org/cgit/spin-kickstarts.git/commit/?id=9f254062c3c78d8480b04b340c1497c08126c0ca
>
> There was nothing intentional here, but what we're fighting is the legacy defaults for
> auth in Anaconda, requiring every kickstart user to override them to enable shadow passwords
> and sha512.
[...]
> Currently then, media installs have stronger defaults than kickstart, unless overridden
> explicitly by kickstart.
Thanks for explaining this to me! The only thing that I'd found was
https://git.fedorahosted.org/cgit/cloud-kickstarts.git/tree/container/
which is out of date with regard to the Fedora 22 cloud image. Perhaps
the cloud-kickstarts git repo should have a notice added to state that
it's deprecated in favour of spin-kickstarts?
--
Sitsofe | http://sucs.org/~sits/
More information about the cloud
mailing list