Hi All, Thank you, thank you to all who replied, since a number of the suggestions led me in the right direction. The consensus was that the $ indicated that the password was encrypted using a newer encryption algorithm (most likely MD5). Although interestingly, the problematic /etc/shadow passwords only had a "$1" at the beginning, instead of "$1$". "$1$" appears to be the more common way to denote that the entry is in MD5 encryption. So, I'm not sure what that's all about. In any case, I eventually had the thought that perhaps a recent patch had "broken" MD5. After all, some of these MD5 passwords have been around for many months, and we have never before had a problem. So, on that hunch, I tracked down patch 112874-30 and uninstalled it, and lo and behold, the MD5 password problem went away. Several of you also indicated that I could force Sol 9 to only use the standard UNIX DES encryption by removing MD5, Blowfish, and Sun MD5 from CRYPT_ALGORITHMS_ALLOW in policy.conf. I'll keep that on the back burner in case we decide to go one way or the other (completely back to DES or completely forward to MD5 or Blowfish). The bottom line is that I should have done my homework when Solaris 9 came out. I did not realize that support for additional encryption algorithms had been added. Thanks again for all of your responses. This forum has been quite helpful over the years, and I'm sure it will remain so for years to come. Stanley E. Laufer Network Administrator School of Library and Information Science San Jose State University _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Mon Jan 31 20:33:21 2005
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:43 EST