Todo #4120
closed
Added by Renato Botelho over 9 years ago.
Updated about 8 years ago.
Description
A couple of things to be done to improve pfSense passwd:
- Change hash from MD5 to SHA512 or blowfish
- Start to create a salt to crypt() calls
- Priority changed from Normal to High
- Target version changed from 2.2.1 to 2.2.2
- Target version changed from 2.2.2 to 2.2.3
- Target version changed from 2.2.3 to 2.3
- Status changed from New to Feedback
- % Done changed from 0 to 100
Pull request #2450 has been merged
It's working fine AFAIK. I didn't see any problems reported.
Left it in feedback so more people can validate
- Status changed from Feedback to Resolved
One place was missed (swapping the password for bcrypt-hash in /conf.default/config.xml), I pushed a correction for that. It's working well otherwise. Existing users are OK, when their passwords are changed their hash is converted to bcrypt in the config and in passwd, old hashes are removed, and they can still login to the GUI and over SSH. Looking through the repo I can't find any other trace of the old hash so I think we're set.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by