On 03/05/2014 07:47 PM, Matthias Klein wrote:
> Hello,
>  
> our ptxdist 2014.01.0 based product got an external security audit.
> They complained that our passwords in the shadow file are hashed with
> the outdated crypt(3) algorithm.
> Her advice is to use bcrypt, PBKDF2 or scrpy.
>  
> We are using busybox for passwd etc.
>  
> Is this a busybox limitation? Or can we change the hashing algorithm in
> busybox?
> Or do we need to replace busybox' passwd etc. with something better?

Have a look at the  BUSYBOX_USE_BB_CRYPT and BUSYBOX_USE_BB_CRYPT_SHA
option.

Marc

-- 
Pengutronix e.K.                  | Marc Kleine-Budde           |
Industrial Linux Solutions        | Phone: +49-231-2826-924     |
Vertretung West/Dortmund          | Fax:   +49-5121-206917-5555 |
Amtsgericht Hildesheim, HRA 2686  | http://www.pengutronix.de   |