[syslinux] Requesting the removal of md5pass
Dag Wieers
dag at wieers.com
Fri Jun 24 08:41:22 PDT 2011
Hi,
As a packager of syslinux, I would like to get rid of the dependency of
syslinux on Crypt::PasswdMD5, as it does not ship with RHEL/CentOS by
default and therefor is an additional hurdle for people on those
distributions to use a more recent syslinux.
(I am also involved with the Rear project that relies on a more recent
syslinux, and in various corporate environments need a recent syslinux.
With Rear the recent syslinux is needed on every system.)
The md5pass tool does not offer anything that is not possible using
openssl, eg:
openssl passwd -1 <password>
or
openssl passwd -1 -salt <string> <password>
So the tool could easily be replaced by a shell-script, or removed
entirely.
Furthermore, simply running md5pass provides an MD5-based password, with
no clue what's the cleartext equivalent. Not sure if this was intentional
(I don't see the point myself) but it's quite confusing since the tool has
no help and people wouldn't at first glance know that the first argument
should in fact be a cleartext password (and the second optionall the
salt).
Can't we just replace this with a simple shell-script using openssl or get
rid of it ? Or does it serve a greater purpose ? :)
PS1 The only reference to md5pass is in the syslinux documentation
somewhere.
PS2 For sha1pass there doesn't seem to be an equivalent in openssl, but it
seems very useful to have that added to openssl as well (-4 ?).
Kind regards,
--
-- dag wieers, dag at wieers.com, http://dag.wieers.com/
-- dagit linux solutions, info at dagit.net, http://dagit.net/
[Any errors in spelling, tact or fact are transmission errors]
More information about the Syslinux
mailing list