Project

General

Profile

Bug #7731

Default OS root password hash algorithm should be SHA-2

Added by Dominic Cleal almost 5 years ago. Updated over 4 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

#2127 added support for different root password hash algorithms, but set the default to MD5.

I'd prefer to see the default be a SHA-2 algorithm and for users to have to explicitly drop the security level if they wish (bearing in mind that most OS definitions are auto-created). I think most modern OSes have long supported SHA-2 (e.g. RHEL 5.2 or above), so I don't think MD5 is a reasonable default.


Related issues

Related to Foreman - Feature #2127: Support newer hash schemes for root passwordsClosed2013-01-15
Is duplicate of Foreman - Bug #10289: Change default root password hash function from MD5 to SHA256Closed2015-04-28

History

#1 Updated by Dominic Cleal almost 5 years ago

  • Related to Feature #2127: Support newer hash schemes for root passwords added

#2 Updated by Dominic Cleal over 4 years ago

  • Is duplicate of Bug #10289: Change default root password hash function from MD5 to SHA256 added

#3 Updated by Dominic Cleal over 4 years ago

  • Status changed from New to Duplicate

A newer issue was opened with a PR, #10289.

Also available in: Atom PDF