© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Alright, sorry for my rudeness and impatience. Granted, I am not familiar with how these things are usually handled around here. I am aware this is mainly an upstream issue, but from crypt(3)'s man page I assumed distros are the ones who choose whether to implement Blowfish support.
To quote the man page: Blowfish (not in mainline glibc; added in some Linux distributions)
A good example is FreeRADIUS which has support for crypt(3) but no native bcrypt support. On distributions where crypt(3) supports blowfish, freeradius will be able to use it as well through crypt_blowfish.
Another problem si that PHP not only supports blowfish, but makes it the default cypher. Obviously not Ubuntu's problem, but apparently they think blowfish is better than SHA-x. In my opinion if there is no consensus, then a reasonable compromise would be to try and support both cyphers wherever possible.