Skip to content

Commit

Permalink
MD5 not secure. Now it should be SHA512 by default
Browse files Browse the repository at this point in the history
  • Loading branch information
@gothicx
gothicx committed Apr 28, 2016
1 parent ad108f6 commit 5ffd4b6
Showing 1 changed file with 2 additions and 8 deletions.
10 changes: 2 additions & 8 deletions manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@
$nis = false,
$nisdomain = undef,
$nisserver = undef,
$passalgo = 'md5',
$passalgo = 'sha512',
$shadow = true,
$krb5 = false,
$krb5realm = undef,
Expand Down Expand Up @@ -281,12 +281,6 @@
$nisserver_val = "--nisserver=${nisserver}"
}

# MD5
$md5_flg = $passalgo ? {
'md5' => '--enablemd5',
default => '--disablemd5',
}

# hash/crypt algorithm for new passwords
if $passalgo {
$passalgo_val = "--passalgo=${passalgo}"
Expand Down Expand Up @@ -482,7 +476,7 @@

$extra_flags = "${preferdns_flg} ${forcelegacy_flg} ${pamaccess_flg}"

$pass_flags = "${md5_flg} ${passalgo_val} ${shadow_flg}"
$pass_flags = "${passalgo_val} ${shadow_flg}"
$authconfig_flags = "${ldap_flags} ${nis_flags} ${pass_flags} ${krb5_flags} ${winbind_flags} ${extra_flags} ${cache_flg} ${mkhomedir_flg} ${sssd_flg} ${sssdauth_flg} ${rfc2307bis_flg} ${locauthorize_flg} ${sysnetauth_flg} ${smartcard_flags}"
$authconfig_update_cmd = "authconfig ${authconfig_flags} --updateall"
$authconfig_test_cmd = "authconfig ${authconfig_flags} --test"
Expand Down

0 comments on commit 5ffd4b6

Please sign in to comment.