Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Password encryption
25 views
Skip to first unread message
Link, David A
Oct 29, 2012, 5:37:32 PM10/29/12
to inform...@iiug.org
We are running AIX 6.0 TL7 and Informix 11.50 .FC9XA. InfoSec has requested that we change from an MD5 encryption to a SHAH256 to pass audits. We have done this and now we have issues with passwords which are encrypted with SHAH256. When we reset the user to use MD5 it works but when we use the SHAH256 it will fail saying:
17:12:49 listener-thread: err = -952: oserr = 0: errstr = <USER>@<SERVER>: User (<USER>@<SERVER>)'s password is not correct for the database server.
Anybody have any suggestions what I need to look at?
TIA
Fernando Nunes
Oct 29, 2012, 6:17:48 PM10/29/12
to Link, David A, inform...@iiug.org
AFAIK Informix always calls the crypt() function, with the provided password to obtain the encrypted version and then checks if it matches with the stored encrypted version.
I believe that crypt doesn't follow the alghoritm that was defined.
The only workaround I know would be to setup PAM and use the module "pam_aix".
if you want to get rid of the "AFAIK" and "I believe" you should open a PMR or wait for a more authoritative answer.
Regards.
--
Fernando Nunes
Portugal
http://informix-technology.blogspot.com
My email works... but I don't check it frequently...
I believe that crypt doesn't follow the alghoritm that was defined.
The only workaround I know would be to setup PAM and use the module "pam_aix".
if you want to get rid of the "AFAIK" and "I believe" you should open a PMR or wait for a more authoritative answer.
Regards.
_______________________________________________
Informix-list mailing list
Inform...@iiug.org
http://www.iiug.org/mailman/listinfo/informix-list
--
Fernando Nunes
Portugal
http://informix-technology.blogspot.com
My email works... but I don't check it frequently...
0 new messages