no sha hash support in current ubuntu pam
Bug #245786 reported by
tyler
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pam (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The current version shipped with ubuntu (even intrepid) does not support sha256 and sha512 hashes.
The current version of pam (0.99.10) found at ftp://ftp.
Changed in pam: | |
status: | New → In Progress |
To post a comment you must log in.
This bug was fixed in the package pam - 1.0.1-1ubuntu1
---------------
pam (1.0.1-1ubuntu1) intrepid; urgency=low
* Merge from Debian unstable modules/ pam_selinux/ pam_selinux. 8: Ubuntu pam_selinux manpage patches- applied/ ubuntu- pam_selinux_ seusers: patch pam_selinux to patches- applied/ ubuntu- rlimit_ nice_correction : Bound RLIMIT_NICE libpam- modules. postinst: Add PATH to /etc/environment if it's not pam_env. conf. (should send to Debian). libpam- runtime. postinst, local/common- {auth,password} {,.md5sums} : smbpass is not installed (LP: #216990); must use "requisite" libpam0g. postinst: only ask questions during update-manager when patches- applied/ series: Ubuntu patches are as below ... patches- applied/ ubuntu- fix_standard_ types: Use standard u_int8_t patches- applied/ ubuntu- no-error- if-missingok: add a new, magic patches- applied/ ubuntu- regression_ fix_securetty: prompt for patches- applied/ ubuntu- rlimit_ nice_correction : Explicitly patches- applied/ ubuntu- user_defined_ environment: Look at /.pam_environme nt too, with the same format as etc/security/ pam_env. conf. (Originally patch 100; converted to quilt.) no-error- if-missingok for the new upstream version.
* Dropped changes:
- Linux-PAM/
is 2 years newer than Debian's, contains a number of character escaping
fixes plus content updates
- debian/
correctly support seusers (backported from changes in PAM 0.99.8).
- debian/rules: install unix_chkpwd setgid shadow instead of setuid root.
The nis package handles overriding this as necessary.
- debian/
from below as well as from above. Fix off-by-one error when converting
RLIMIT_NICE to the range of values used by the kernel.
* Remaining changes:
- debian/
present there or in /etc/security/
- debian/
debian/
Use the new 'missingok' option by default for pam_smbpass in case
libpam-
rather than "required" to prevent "pam_smbpass migrate" from firing in
the event of an auth failure; md5sums updated accordingly.
- debian/
there are non-default services running.
- debian/
- debian/
type rather than __u8.
- debian/
module option 'missingok' which will suppress logging of errors by
libpam if the module is not found.
- debian/
password on bad username.
- debian/
initialise RLIMIT_NICE rather than relying on the kernel limits.
- debian/
~
/
* Refresh patch ubuntu-
* Change Vcs-Bzr to point at the new Ubuntu branch.
pam (1.0.1-1) unstable; urgency=low
* New upstream version.
- pam_limits: bound RLIMIT_NICE from below. Closes: #403718.
- pam_mail: set the MAIL variable even when .hushlogin is set.
Closes: #421010.
- new minclass option introduced for pam_cracklib. Closes: #454237.
- fix a failure to check the string length when matching usernames in
pam_group. Closes: #444427.
- fix setting shell security context in pam_selinux. Closes: #451722.
- use --disable-audit, to avoid libaudit being linked in
accidentally
- pam_unix now supports SHA-256 and SHA-512 password hashes.
Closes: #484249, LP: #245786.
- pam_rhosts_auth is dropped upstream (closes...