Blowfish encryption for local passwords
Thomas M Steenholdt
tmus at tmus.dk
Mon Dec 4 09:51:15 UTC 2006
Tomas Mraz wrote:
> On Sun, 2006-12-03 at 22:03 +0100, Thomas M Steenholdt wrote:
>> Hi guys,
>>
>> Is there a reason why fedora does not support blowfish (at least through
>> the various included tools, system-config-authentication etc.) for
>> password encryption?
>> From my understanding, Blowfish provides encryption far superior to
>> even MD5 and there should no license problems.
>> Even though MD5 might seem hard-enough-to-crack, why would we stop there?
>>
>> Also, it seems like supporting blowfish would not be very hard to
>> implement in fedora, so why don't we?
>>
>> (and the unavoidable:) Other linux distros have Blowfish encryption for
>> passwords ;-)
>>
>> Thanks
>
> We need support for blowfish directly in glibc or replace libcrypt from
> glibc with libxcrypt first. Then all other packages can be updated to
> support Blowfish.
>
> See:
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173002
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173834
>
Thanks - I've CC'ed myself on those bugs. Doesn't seem like there s much
activity on them, though?? Perhaps the actual activity is going on
elsewhere (cvs or such)?
Latest update for the respective bugs is january and may of this year?
/Thomas
More information about the devel
mailing list