diff options
author | Balint Reczey <balint@balintreczey.hu> | 2021-11-14 12:31:13 +0100 |
---|---|---|
committer | Balint Reczey <balint@balintreczey.hu> | 2022-01-22 21:53:25 +0100 |
commit | 86554616985345f438e387520f076192e9277a34 (patch) | |
tree | e15d13b07ca395937951b3f49c4094f8474ee11b | |
parent | 395194208e1ab9b956e12df6e6c956cead219c20 (diff) | |
download | shadow-86554616985345f438e387520f076192e9277a34.tar.gz |
Include YESCRYPT options in shipped login.defs
Closes: #991914
-rw-r--r-- | debian/login.defs | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/debian/login.defs b/debian/login.defs index 824cbaf1..cf0f66b1 100644 --- a/debian/login.defs +++ b/debian/login.defs @@ -269,6 +269,7 @@ USERGROUPS_ENAB yes # If set to MD5 , MD5-based algorithm will be used for encrypting password # If set to SHA256, SHA256-based algorithm will be used for encrypting password # If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to YESCRYPT, YESCRYPT-based algorithm will be used for encrypting password # If set to DES, DES-based algorithm will be used for encrypting password (default) # Overrides the MD5_CRYPT_ENAB option # @@ -294,6 +295,19 @@ ENCRYPT_METHOD SHA512 # SHA_CRYPT_MAX_ROUNDS 5000 # +# Only works if ENCRYPT_METHOD is set to YESCRYPT. +# +# Define the YESCRYPT cost factor. +# With a higher cost factor, it is more difficult to brute-force the password. +# However, more CPU time and more memory will be needed to authenticate users +# if this value is increased. +# +# If not specified, a cost factor of 5 will be used. +# The value must be within the 1-11 range. +# +#YESCRYPT_COST_FACTOR 5 + +# # The pwck(8) utility emits a warning for any system account with a home # directory that does not exist. Some system accounts intentionally do # not have a home directory. Such accounts may have this string as |