My system is saving passwords in SHA-512 and DirectAdmin can't read them. I need MD5


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » System Level

My system is saving passwords in SHA-512 and DirectAdmin can't read them. I need MD5Last Modified: Jul 29, 2013, 1:54 pm
Some newer OS's (Fedora 9) use SHA-512 by default. DA is often not compiled with support for SHA, so once a password is changed, DA calls the "passwd" program, which would set the new password into SHA-512.  DA would then not be able to use it, and you wouldn't be able to login.

CentOS / Fedora
The solution is to edit:

/etc/pam.d/system-auth-ac

Find the line:

password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok

change it to:

password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok






On Debian systems, edit:

/etc/login.defs

and change:

#MD5_CRYPT_ENAB  no

to

MD5_CRYPT_ENAB  yes

which tells the chpasswd command, called by DA, to use the MD5 instead of SHA-512.



FreeBSD
Edit the /etc/login.conf, find the line

:passwd_format=sha512:\

and replace it with:

:passwd_format=md5:\

Then run the following to rebuild the /etc/login.conf.db from the /etc/login.conf file:

cap_mkdb /etc/login.conf

 
Related Helpfiles
How to test a password crypt

2003 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST