aboutsummaryrefslogtreecommitdiff
path: root/system
diff options
context:
space:
mode:
authorGravatar Yann E. MORIN <yann.morin.1998@free.fr>2015-03-24 19:54:15 +0100
committerGravatar Thomas Petazzoni <thomas.petazzoni@free-electrons.com>2015-04-10 22:28:32 +0200
commit029179615e8252c112882857a7844d08cea44741 (patch)
tree24a9cdddf1812881740228cb4279f339239c9a37 /system
parent9c7710015112464d74cb6be16c05dd6fc23ae122 (diff)
downloadbuildroot-029179615e8252c112882857a7844d08cea44741.tar.gz
buildroot-029179615e8252c112882857a7844d08cea44741.tar.bz2
system: remove DES password encoding
DES is long dead, it is insecure as hell, and virtually all known crypt(3) implementations now all support at least md5. Besides, the character-space of DES-encoded passwords are a sub-set of the character-space for a clear-text password, so we can't easily differentiate between the two. Since we're going to change the root password prompt to support setting encoded passwords (as well as clear-text passwords), we can't keep DES or we'd be unable to decide whether we'd need to encode the password or not. Remove DES encoding altogether (and add a legacy entry). The default is still md5, and thus there's no backward-compatibility 'select' to add. Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Lorenzo Catucci <lorenzo@sancho.ccd.uniroma2.it> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'system')
-rw-r--r--system/Config.in9
1 files changed, 0 insertions, 9 deletions
diff --git a/system/Config.in b/system/Config.in
index 935f7a11fa..431524d103 100644
--- a/system/Config.in
+++ b/system/Config.in
@@ -27,14 +27,6 @@ choice
Note: this is used at build-time, and *not* at runtime.
-config BR2_TARGET_GENERIC_PASSWD_DES
- bool "des"
- help
- Use standard 56-bit DES-based crypt(3) to encode passwords.
-
- Old, wildly available, but also the weakest, very susceptible to
- brute-force attacks.
-
config BR2_TARGET_GENERIC_PASSWD_MD5
bool "md5"
help
@@ -67,7 +59,6 @@ endchoice # Passwd encoding
config BR2_TARGET_GENERIC_PASSWD_METHOD
string
- default "des" if BR2_TARGET_GENERIC_PASSWD_DES
default "md5" if BR2_TARGET_GENERIC_PASSWD_MD5
default "sha-256" if BR2_TARGET_GENERIC_PASSWD_SHA256
default "sha-512" if BR2_TARGET_GENERIC_PASSWD_SHA512