Project

General

Profile

Actions

Bug #7731

closed

Default OS root password hash algorithm should be SHA-2

Added by Dominic Cleal over 9 years ago. Updated almost 9 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

#2127 added support for different root password hash algorithms, but set the default to MD5.

I'd prefer to see the default be a SHA-2 algorithm and for users to have to explicitly drop the security level if they wish (bearing in mind that most OS definitions are auto-created). I think most modern OSes have long supported SHA-2 (e.g. RHEL 5.2 or above), so I don't think MD5 is a reasonable default.


Related issues 2 (0 open2 closed)

Related to Foreman - Feature #2127: Support newer hash schemes for root passwordsClosed01/15/2013Actions
Is duplicate of Foreman - Bug #10289: Change default root password hash function from MD5 to SHA256Closed04/28/2015Actions
Actions #1

Updated by Dominic Cleal over 9 years ago

  • Related to Feature #2127: Support newer hash schemes for root passwords added
Actions #2

Updated by Dominic Cleal almost 9 years ago

  • Is duplicate of Bug #10289: Change default root password hash function from MD5 to SHA256 added
Actions #3

Updated by Dominic Cleal almost 9 years ago

  • Status changed from New to Duplicate

A newer issue was opened with a PR, #10289.

Actions

Also available in: Atom PDF