diff --git a/etc/login.defs b/etc/login.defs index 7a40b621..6521220a 100644 --- a/etc/login.defs +++ b/etc/login.defs @@ -145,64 +145,17 @@ LOGIN_TIMEOUT 60 CHFN_RESTRICT rwh # -# Only works if compiled with ENCRYPTMETHOD_SELECT defined: # If set to SHA256, SHA256-based algorithm will be used for encrypting password # If set to SHA512, SHA512-based algorithm will be used for encrypting password -# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password +# If set to BLOWFISH, BLOWFISH-based algorithm will be used for encrypting password +# If set to GOST_YESCRYPT, GOST_YESCRYPT-based algorithm will be used for encrypting password # If set to YESCRYPT, YESCRYPT-based algorithm will be used for encrypting password +# If set to MD5, MD5-based algorithm will be used for encrypting password # If set to DES, DES-based algorithm will be used for encrypting password (default) # MD5 and DES should not be used for new hashes, see crypt(5) for recommendations. # -# Note: If you use PAM, it is recommended to use a value consistent with -# the PAM modules configuration. -# ENCRYPT_METHOD SHA512 -# -# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. -# -# Define the number of SHA rounds. -# With a lot of rounds, it is more difficult to brute-force the password. -# However, more CPU resources will be needed to authenticate users if -# this value is increased. -# -# If not specified, the libc will choose the default number of rounds (5000), -# which is orders of magnitude too low for modern hardware. -# The values must be within the 1000-999999999 range. -# If only one of the MIN or MAX values is set, then this value will be used. -# If MIN > MAX, the highest value will be used. -# -#SHA_CRYPT_MIN_ROUNDS 5000 -#SHA_CRYPT_MAX_ROUNDS 5000 - -# -# Only works if ENCRYPT_METHOD is set to BCRYPT. -# -# Define the number of BCRYPT rounds. -# With a lot of rounds, it is more difficult to brute-force the password. -# However, more CPU resources will be needed to authenticate users if -# this value is increased. -# -# If not specified, 13 rounds will be attempted. -# If only one of the MIN or MAX values is set, then this value will be used. -# If MIN > MAX, the highest value will be used. -# -#BCRYPT_MIN_ROUNDS 13 -#BCRYPT_MAX_ROUNDS 13 - -# -# Only works if ENCRYPT_METHOD is set to YESCRYPT. -# -# Define the YESCRYPT cost factor. -# With a higher cost factor, it is more difficult to brute-force the password. -# However, more CPU time and more memory will be needed to authenticate users -# if this value is increased. -# -# If not specified, a cost factor of 5 will be used. -# The value must be within the 1-11 range. -# -#YESCRYPT_COST_FACTOR 5 - # # Should login be allowed if we can't cd to the home directory? # Default is no.