
I'm quite new to Linux and Unix, and I was going through the /etc/shadow file and a user had its hash starting with $1$ (MD5), but the user has a UID and GID >99, so I assume that the user's security is not as important as, say, root. Would this be a potential security threat to the system? If so, is there any way to change the hash from MD5 to SHA-512?

  • 2
    How do you know it's an MD5 hash? What flavor of Linux is this? Can you post the entire line from `/etc/shadow` after changing some of the random-looking strings? – bitinerant Jan 29 '21 at 02:32
  • 1
    According to [this crypto.SE answer](https://crypto.stackexchange.com/questions/40841/what-is-the-algorithm-used-to-encrypt-linux-passwords/40842#40842), it's not terrible, but not great either. It's *not* plain MD5 (which would be terrible), it's a salted, iterated hash *based on* MD5. According to [this unix.SE answer](https://unix.stackexchange.com/questions/196085/how-to-set-default-password-algorithm-to-sha512-on-linux/196086#196086), you can set `ENCRYPT_METHOD SHA512` in /etc/login.defs. – Gordon Davisson Jan 29 '21 at 08:18
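
As an added example (not from the question or the comments): a small shell audit that classifies each account in shadow-format input by the prefix of its hash field, so `$1$` (md5crypt) entries stand out. The function names and the sample lines are constructed for illustration; the prefixes are the ones documented in crypt(5).

```shell
#!/bin/sh
# Added example: classify password hash schemes in shadow-format input.
# Reads "name:hash:..." lines on stdin and prints "name scheme" per account.
shadow_schemes() {
    awk -F: '
        $2 == "" { print $1, "empty-password"; next }
        # "*", "!" or "!!" with no hash: no usable password is set
        $2 ~ /^[!*]/ && $2 !~ /\$/ { print $1, "locked-or-no-password"; next }
        {
            h = $2
            sub(/^!+/, "", h)             # leading "!" marks a locked password
            if      (h ~ /^\$1\$/)        s = "md5crypt"
            else if (h ~ /^\$2[abxy]?\$/) s = "bcrypt"
            else if (h ~ /^\$5\$/)        s = "sha256crypt"
            else if (h ~ /^\$6\$/)        s = "sha512crypt"
            else if (h ~ /^\$y\$/)        s = "yescrypt"
            else if (h ~ /^\$/)           s = "other-modular"
            else                          s = "legacy-des-or-unknown"
            print $1, s
        }'
}

# Accounts whose stored hash should be regenerated with a stronger scheme.
weak_accounts() {
    shadow_schemes | awk '
        $2 == "md5crypt" || $2 == "legacy-des-or-unknown" ||
        $2 == "empty-password" { print $1 }'
}

# Constructed sample data: salts and hashes are placeholders, not real values.
sample_shadow() {
    cat <<'EOF'
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18650:0:99999:7:::
daemon:*:18650:0:99999:7:::
alice:$1$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18650:0:99999:7:::
bob:!$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18650:0:99999:7:::
carol:$y$j9T$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18650:0:99999:7:::
EOF
}

sample_shadow | shadow_schemes
```

On a real system, run `shadow_schemes < /etc/shadow` as root. Setting `ENCRYPT_METHOD SHA512` only affects hashes written afterwards, so an account flagged here keeps its `$1$` hash until its password is changed.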

0 Answers