System Administration Guide: Security Services

Example—Using the Blowfish Algorithm for Password Encryption

In this example, the identifier for the Blowfish algorithm, 2a, is specified as the value for the CRYPT_DEFAULT variable. The policy.conf entries that control password encryption would look like the following:


CRYPT_ALGORITHMS_ALLOW=1,2a,md5
#CRYPT_ALGORITHMS_DEPRECATE=__unix__
CRYPT_DEFAULT=2a

This configuration is compatible with BSD systems that use the Blowfish algorithm.