Architecture #25012: Migrating to bcrypt with unsafe hashes still match bcrypt hash only - Rudder - Issue Tracker

Actions

Copy link

Architecture #25012

closed

Architecture #24729: Allow using a different password hash algorithm for each local user

Migrating to bcrypt with unsafe hashes still match bcrypt hash only

Added by Clark ANDRIANASOLO 11 months ago. Updated 10 months ago.

Status:

Released

Priority:

N/A

Assignee:

François ARMAND

Category:

Security

Target version:

8.2.0~alpha1

Pull Request:

https://github.com/Normation/rudder/p...

Effort required:

Small

Name check:

To do

Fix check:

To do

Regression:

Description

Even with unsafe-hashes="true" in the rudder users XML file, after upgrading to 8.2, it seems that the previous unsalted hashes are not tested against the login password : users could no longer log in unless their hash is actually a bcrypt one

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Architecture #25012

Migrating to bcrypt with unsafe hashes still match bcrypt hash only

Updated by Clark ANDRIANASOLO 11 months ago

Updated by Clark ANDRIANASOLO 11 months ago

Updated by Clark ANDRIANASOLO 11 months ago

Updated by Alexis Mousset 10 months ago