Architecture #25012: Migrating to bcrypt with unsafe hashes still match bcrypt hash only - Rudder - Issue Tracker

Actions

Copy link

Architecture #25012

closed

Architecture #24729: Allow using a different password hash algorithm for each local user

Migrating to bcrypt with unsafe hashes still match bcrypt hash only

Added by Clark ANDRIANASOLO 5 months ago. Updated 4 months ago.

Status:

Released

Priority:

N/A

Assignee:

François ARMAND

Category:

Security

Target version:

8.2.0~alpha1

Pull Request:

https://github.com/Normation/rudder/p...

Effort required:

Small

Name check:

To do

Fix check:

To do

Regression:

Description

Even with unsafe-hashes="true" in the rudder users XML file, after upgrading to 8.2, it seems that the previous unsalted hashes are not tested against the login password : users could no longer log in unless their hash is actually a bcrypt one

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Architecture #25012

Migrating to bcrypt with unsafe hashes still match bcrypt hash only

Updated by Clark ANDRIANASOLO 5 months ago

Updated by Clark ANDRIANASOLO 5 months ago

Updated by Clark ANDRIANASOLO 5 months ago

Updated by Alexis Mousset 4 months ago