How to make Ubuntu crypt (3) support Blowfish?

Question

How to make Ubuntu crypt (3) support Blowfish?

According to the crypt (3) manual, Blowfish (indicated by the $ 2a $ prefix) is one of the supported encryption methods:

ID  | Method
─────────────────────────────────────────────────────────
1   | MD5
2a  | Blowfish (not in mainline glibc; added in some
    | Linux distributions)
5   | SHA-256 (since glibc 2.7)
6   | SHA-512 (since glibc 2.7)

However, the part saying Blowfish (not in mainline glibc, added on some Linux distributions) is confusing and undocumented, so I have a few questions.

First of all, if the "mainline" glibc does not support Blowfish, then what glibc does? Ubuntu 14.04 uses glibc 2.19, packaged in libc6 / libc6-dev packages. Assuming this is a "mainline" glibc, Blowfish is not supported. There seems to be a patch called crypt_blowfish that adds Blowfish support for glibc. Why is it not enabled by default in Ubuntu? Last but not least, what is the easiest way to make C crypt () function in Ubuntu understand Blowfish hashes?

+4

glibc password-encryption encryption crypt blowfish

mae Jul 27 '14 at 13:55

source share

1 answer

Gleb Pfotenhauer-Malinowski · Answer 1 · 2015-05-30T11:19:55+0000

First of all, if the "mainline" glibc does not support Blowfish, then what glibc does?

, openwall, . ALT Linux SUSE. , mainline, .

Ubuntu?

: LP # 1349252.

, : C crypt() Ubuntu Blowfish?

, , glibc.

How to make Ubuntu crypt (3) support Blowfish?

More articles: