blob: 531ce04a89bda90e4b6aa41339e0319b652b4d33 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
<!--
SPDX-FileCopyrightText: 2007 - 2008, Nicolas François
SPDX-License-Identifier: BSD-3-Clause
-->
<varlistentry>
<term><option>ENCRYPT_METHOD</option> (string)</term>
<listitem>
<para>
This defines the system default encryption algorithm for encrypting
passwords (if no algorithm are specified on the command line).
</para>
<para>
It can take one of these values: <phrase condition="bcrypt">
<replaceable>BCRYPT</replaceable>,</phrase>
<replaceable>DES</replaceable> (default),
<replaceable>MD5</replaceable><phrase condition="sha_crypt">,
<replaceable>SHA256</replaceable>,
<replaceable>SHA512</replaceable></phrase><phrase condition="yescrypt">,
<replaceable>YESCRYPT</replaceable></phrase>.
MD5 and DES should not be used for new hashes, see
<refentrytitle>crypt</refentrytitle><manvolnum>5</manvolnum>
for recommendations.
</para>
<para>
Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option>
variable.
</para>
<para condition="pam">
Note: This only affect the generation of group passwords.
The generation of user passwords is done by PAM and subject to the
PAM configuration. It is recommended to set this variable
consistently with the PAM configuration.
</para>
</listitem>
</varlistentry>
|