Now that we have our few FreeBSD usability items out of the way, lets setup FreeBSD’s passwd utility to use Blowfish for the password hash by default instead of using the Md5 for the hash when creating new passwords. This is part of our good password policy.
So lets get started by firing up our old friend vi.
vi /etc/login.conf
Now what we need to do is replace the string passwd_format=md5 with:
passwd_format=blf
Save and close the file.
We need to rebuild the login.conf database for our changes to take place.
cap_mkdb /etc/login.conf
Now we need to change our password to use blowfish for the password hash instead of md5. All you have to do is use passwd and input your new tor same password. To see if you are indeed using blowfish do the following.
cat /etc/master.passwd
If you see your hashed password starting with $2 then you are all set. If it starts with $1 then you are still using md5. Something most have gone wrong, so you will need to go back and review your changes.
Lets go ahead and make all new users that get added to the system use blowfish for hashing their password by default. To do that we will need to tell adduser to use blowfish instead of md5.
echo 'crypt_default = blf' >> /etc/auth.conf
Whew, I don’t know about you, but I sure feel more secure :)
Next in this little series of setting up a FreeBSD box and getting it ready for cutting edge Ruby on Rails development, we will install and setup PostgreSQL 8.1.
Rails Server Setup:
Part 1: New Server Setup
Part 2: Setup FreeBSD 6.x
Part 3: FreeBSD Usability
Part 4: Setup FreeBSD To Use Blowfish
Part 5: Install and Setup PostgreSQL
Part 6: Install Lighttpd on FreeBSD
Part 7: Install MySQL 5.x on FreeBSD
Part 8: Install Ruby On Rails with FreeBSD