Posts Tagged ‘sha512’

Ubuntu: change default encryption algorithm

Sunday, July 12th, 2009

While fighting with DB2 denying logins I had to change the default hash algorithm used to store passwords in /etc/shadow.

As far as I know (and as grep -i -r "sha512" /etc/* tells me :-) ), there are two files that carry this information. Namely /etc/pam.d/common-password and /etc/login.defs.

To change the algorithm from sha512 (which shifts as the default in the new Ubuntu releases) change this:

/etc/pam.d/common-password

password [success=1 default=ignore] pam_unix.so obscure sha512

to

password [success=1 default=ignore] pam_unix.so obscure md5

/etc/login.defs

ENCRYPT_METHOD SHA512

to

ENCRYPT_METHOD MD5