Re: [BUGS] BUG #1134: ALTER USER ... RENAME breaks md5

Fabien COELHO wrote:
>
> Dear Bruce,
>
> > Yes, the problem is that we used the username for the salt, just like
> > FreeBSD does for its MD5 passwords.
>
> Not that I know of on FreeBSD?
>
> shell> uname -a
> FreeBSD palo-alto2.ensmp.fr 4.9-STABLE FreeBSD 4.9-STABLE #5: Mon Mar 1 21:31:30 CET 2004 root(at)palo-alto2(dot)ensmp(dot)fr:/usr/src/sys/compile/IAR2M i386
>
> shell> grep coelho /var/yp/master.passwd
> coelho:$1$00EacB0I$4kQ/HmqFFQANZP/mxj8ZX0:210:20::0:0:COELHO, Fabien:/users/cri/coelho:/usr/local/bin/bash
> ^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^
> salt some base 64 encoding of 1002 paranoid md5 computations.
>
> Even of the salt is based on the login, the point is that it is stored
> separatly, so the system does not rely on the login string to check the
> password.

Oh, I thought FreeBSD used the username. Not sure were we got that
idea. I know we needed a different salt only so users with the same
password would not have the same MD5 value.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073