Enable sha encryption for chpasswd binary in shadow utils package

microsoft / azurelinux

Linux OS for Azure 1P services and edge appliances

MIT License

4.31k stars 546 forks source link

Enable sha encryption for chpasswd binary in shadow utils package #7395

Open navjotsinghji opened 9 months ago

navjotsinghji commented 9 months ago

In order to meet the security requirements of our AFO Unity Cloud product, we require the chpasswd binary to be enabled with sha512 encryption, so this is a request to re-compile the shadow utils package with sha encryption

eric-desrochers commented 6 months ago

I think this is doable with using -c argument. Have you been able to try this and confirm if it works or not ?

$ chpasswd --help
Usage: chpasswd [options]

Options:
  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)

navjotsinghji commented 6 months ago

This was NOT working in 2.0 that's the reason I raised the issue.. (I mean after integratring with Mariner2.0, our app crashed at runtime and then I realized that /usr/sbin/chpasswd --crypt-method=SHA512 was failing. Reason is that chpasswd was NOT supporting sha512)..

NOT sure if there is an update now or you are referring to 3.0