If looking up the default is sufficiently ugly I propose we just hardcode it to yescrypt and check in CI that `useradd ; passwd` or whatever actually uses the algorithm we expect. We won't be happy the day the CI check fails but at least we'll know promptly.
If looking up the default is sufficiently ugly I propose we just hardcode it to yescrypt and check in CI that `useradd ; passwd` or whatever actually uses the algorithm we expect. We won't be happy the day the CI check fails but at least we'll know promptly.