Migrating NIS yppasswd hashes from crypt to md5

Question

Migrating NIS yppasswd hashes from crypt to md5

Imagine a NIS user database /var/yp/input-files/passwdmade up of old DES cache ciphers. The goal is to port this database to md5 or sha hashes. When changing the password with, yppasswdit is generated using the same algorithm as for the existing record (probably for reasons related to inheritance), i.e. Crypt remains crypt, md5 remains md5.

Our current plan is to write a custom password change script wrapping yppasswd. Is there a more elegant way to tell yppasswd to generate changed passwords in md5 format by default?

+3

linux migration md5 passwd nis

Speckinius flecksis May 26 '11 at 9:56

source share

2 answers

Speckinius Flecksis · Answer 1 · 2011-05-30T16:08:06+0000

I figured it out now:

nis- , . apt-get source nis Debian.
yp-tools-2.9 /src/yppasswd.c
int has_md5_passwd = 0; int has_md5_passwd = 1; int main (int argc, char **argv)

yppasswd md5.

asciiphil · Answer 2 · 2013-01-25T20:31:25+0000

Linux NIS PAM, , passwd yppasswd. , -, - ( yp-tools 2.12) yppasswd.

/etc/pam.d/passwd, , , , :

password  sufficient  pam_unix.so md5 nis

, , , password pam_unix.so, nis, -, NIS (md5, sha256 ..)

, , , .

RedHat (, , RHEL, CentOS, Scientific Linux Fedora) authconfig --enablenis. MD5 :

authconfig --enablenis --usemd5 --update

Debian (, , Debian-, ), , , , /usr/share/pam-configs/unix - (, /usr/share/pam-configs/nis), , , pam-auth-update, " Unix" .

Migrating NIS yppasswd hashes from crypt to md5

More articles: