Archlinux News: Changes to default password hashing algorithm and umask settings

securitybreach

Quote

Changes to default password hashing algorithm and umask settings

2023-09-22 - David Runge

With shadow >= 4.14.0, Arch Linux's default password hashing algorithm changed from SHA512 to yescrypt [1].

Furthermore, the umask [2] settings are now configured in /etc/login.defs instead of /etc/profile.

This should not require any manual intervention.

Reasons for Yescrypt

The password-based key derivation function (KDF) and password hashing scheme yescrypt has been chosen due to its adoption (readily available in libxcrypt, which is used by pam [3]) and its stronger resilience towards password cracking attempts over SHA512.

Although the winner of the Password Hashing Competition [4] was argon2, this even more resilient algorithm is not yet available in libxcrypt [5][6].

Configuring yescrypt

The YESCRYPT_COST_FACTOR setting in /etc/login.defs is currently without effect, until pam implements reading its value [7]. If a YESCRYPT_COST_FACTOR higher (or lower) than the default (5) is needed, it can be set using the rounds option of the pam_unix [8] module (i.e. in /etc/pam.d/system-auth).

General list of changes

  • yescrypt is used as the default password hashing algorithm, instead of SHA512
  • pam honors the chosen ENCRYPT_METHOD in /etc/login.defs and does not override the chosen method anymore
  • changes in the filesystem (>= 2023.09.18) and pambase (>= 20230918) packages ensure that umask is set centrally in /etc/login.defs instead of /etc/profile

[1] https://www.openwall.com/yescrypt/

[2] https://man.archlinux.org/man/umask.1p

[3] https://wiki.archlinux.org/title/PAM

[4] https://www.password-hashing.net/

[5] https://github.com/besser82/libxcrypt/pull/113

[6] https://github.com/besser82/libxcrypt/pull/150

[7] https://github.com/linux-pam/linux-pam/issues/607

[8] https://man.archlinux.org/man/pam_unix.8

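As an added check, not part of the news item above and not Arch's own tooling: the script below audits a constructed stand-in for /etc/shadow for accounts still on the old SHA512 hash after the switch, decodes the N and r cost parameters that a $y$ hash carries in its parameter field (following the variable-length integer encoding of the yescrypt reference implementation), and flags login.defs settings that the post says are not honored (a non-default YESCRYPT_COST_FACTOR) or that have moved there (UMASK). The sample shadow lines and login.defs excerpt are constructed, with fake salts and hashes, and all function names are mine.

```python
"""Audit password hashes and login.defs after the switch to yescrypt.

Added example, not part of the Arch news item. SAMPLE_SHADOW and
SAMPLE_LOGIN_DEFS are constructed stand-ins for /etc/shadow and
/etc/login.defs so the script runs offline; on a live system read the
real files instead (the shadow file needs root).
"""
from dataclasses import dataclass

# crypt(3) hash prefix -> scheme. "$y$" is yescrypt, "$6$" the old default.
PREFIXES = {"$y$": "yescrypt", "$gy$": "gost-yescrypt", "$7$": "scrypt",
            "$6$": "sha512crypt", "$5$": "sha256crypt", "$1$": "md5crypt",
            "$2b$": "bcrypt", "$2y$": "bcrypt"}
LEGACY = {"sha512crypt", "sha256crypt", "md5crypt"}

# crypt-style base-64 alphabet used by yescrypt's parameter encoding.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def _decode64_uint32(s: str, pos: int, minimum: int):
    """Port of yescrypt's decode64_uint32(): values below 48 take one
    character, larger values spill into further 6-bit characters."""
    start, end, chars, bits = 0, 47, 1, 0
    c = ITOA64.index(s[pos])
    pos += 1
    value = minimum
    while c > end:
        value += (end + 1 - start) << bits
        start = end + 1
        end = start + (62 - end) // 2
        chars += 1
        bits += 6
    value += (c - start) << bits
    for _ in range(chars - 1):
        bits -= 6
        value += ITOA64.index(s[pos]) << bits
        pos += 1
    return value, pos


@dataclass
class YescryptParams:
    flavor: str  # first parameter character; 'j' is the default flag set
    n: int       # number of blocks
    r: int       # block size factor (one block is 128 * r bytes)

    @property
    def memory_bytes(self) -> int:
        return 128 * self.r * self.n


def decode_yescrypt_params(hash_field: str) -> YescryptParams:
    """Decode N and r from a '$y$<params>$<salt>$<hash>' shadow field.
    Only the mandatory flavor/N/r prefix is decoded; optional trailing
    parameters (p, t, g) are left alone."""
    if not hash_field.startswith("$y$"):
        raise ValueError("not a yescrypt hash")
    params = hash_field.split("$")[2]
    n_log2, pos = _decode64_uint32(params, 1, 1)
    r, _ = _decode64_uint32(params, pos, 1)
    return YescryptParams(params[0], 1 << n_log2, r)


def audit_shadow(shadow_text: str) -> dict:
    """Map each user to (scheme, YescryptParams or None)."""
    report = {}
    for line in shadow_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        user, field = line.split(":")[:2]
        if field in ("", "*") or field.startswith("!"):
            report[user] = ("locked-or-empty", None)
            continue
        scheme = next((m for p, m in PREFIXES.items() if field.startswith(p)), "unknown")
        params = decode_yescrypt_params(field) if scheme == "yescrypt" else None
        report[user] = (scheme, params)
    return report


def legacy_accounts(report: dict) -> list:
    """Users still on a pre-yescrypt hash. The package upgrade cannot rewrite
    an existing hash; it changes only when the password is next set."""
    return sorted(u for u, (scheme, _) in report.items() if scheme in LEGACY)


def parse_login_defs(text: str) -> dict:
    """KEY VALUE pairs from login.defs; comments ignored, last definition wins."""
    settings = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)
        if parts:
            settings[parts[0]] = parts[1].strip() if len(parts) > 1 else ""
    return settings


def check_login_defs(settings: dict) -> list:
    """Findings relevant to the Arch change; an empty list means all clear."""
    findings = []
    if settings.get("ENCRYPT_METHOD", "").upper() != "YESCRYPT":
        findings.append("ENCRYPT_METHOD is not YESCRYPT; new passwords keep the old scheme")
    cost = settings.get("YESCRYPT_COST_FACTOR")
    if cost is not None and cost != "5":
        # pam does not read this key yet, so a non-default value silently does nothing
        findings.append(f"YESCRYPT_COST_FACTOR={cost} is not honored by pam; "
                        f"use rounds={cost} on pam_unix in /etc/pam.d/system-auth")
    umask = settings.get("UMASK")
    if umask is None:
        findings.append("UMASK missing from login.defs, which is now where it is set")
    elif (int(umask, 8) & 0o022) != 0o022:
        findings.append(f"UMASK {umask} lets new files be group- or world-writable")
    return findings


# Constructed sample data: fake salts and hashes, not real credentials.
SAMPLE_SHADOW = """\
root:$y$j9T$P2w4Uu6e1Vf0KkC9rZtA5.$8qJx3mV7nD1bW2sL5cF9hG4kR6tY0uI8oP3aS7dZ2e/:19600:0:99999:7:::
alice:$6$kR2mP9vX$Zq8fT1nL5wB3cY7gH0jD4sV6xM9aE2pU8rK1tN5oI3lW7yF0hG4bC9dS2vJ6mQ8zX1nR5e:19000:0:99999:7:::
bob:!:19000:0:99999:7:::
"""

SAMPLE_LOGIN_DEFS = """\
# constructed excerpt, not the shipped Arch file
ENCRYPT_METHOD YESCRYPT
YESCRYPT_COST_FACTOR 7
UMASK 022
"""

if __name__ == "__main__":
    report = audit_shadow(SAMPLE_SHADOW)
    for user, (scheme, params) in report.items():
        extra = f" N={params.n} r={params.r} ({params.memory_bytes // 2**20} MiB)" if params else ""
        print(f"{user:8} {scheme}{extra}")
    print("still on legacy hashes:", legacy_accounts(report))
    for finding in check_login_defs(parse_login_defs(SAMPLE_LOGIN_DEFS)):
        print("login.defs:", finding)
```

The "j9T" parameter field that libxcrypt emits at its default cost decodes to N=4096 and r=32, a 16 MiB working set per hash, which is what makes yescrypt harder to brute-force on GPUs than SHA512. Accounts reported under a legacy scheme keep that hash until their password is next changed with passwd, and, as the post notes, raising the cost is done with rounds= on the pam_unix line rather than through YESCRYPT_COST_FACTOR.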