DragonFly BSD xài thuật toán gì để băm mật khẩu ?

DragonFly BSD 6.4.0 xài thuật toán SHA512 để băm mật khẩu.

# cat /etc/os-release
NAME=DragonFly
VERSION=6.4-SYNTH
VERSION_ID=6.4
ID=dragonfly
ANSI_COLOR="0;32"
PRETTY_NAME="DragonFlyBSD 6.4-SYNTH"
CPE_NAME="cpe:/o:dragonflybsd:dragonfly:6.4"
SUPPORT_URL="http://chat.efnet.org:9090/?nick=dflynick&channels=%23dragonflybsd&Login=Login"
HOME_URL="https://www.dragonflybsd.org/"
BUG_REPORT_URL="https://bugs.dragonflybsd.org/"
MACHINE_ARCH=x86_64
MACHINE=x86_64
DFLYVERSION=600400

# cat /etc/master.passwd
# $FreeBSD: src/etc/master.passwd,v 1.25.2.6 2002/06/30 17:57:17 des Exp $
#
root:$6$V8DOUxpm05m/cF8.$vz7.9s1HHl8llrWjaxiGqNWhY/3Xahdsk22gyPfV77j7hw0qTbt.YcboOYr1nUocrKliLiyYp00B0z8Gtoyok/:0:0::0:0:Charlie &:/root:/usr/bin/bash
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:0:System &:/:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin
mail:*:6:6::0:0:Mail user:/nonexistent:/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin
_sdpd:*:70:70::0:0:sdpd privsep user:/var/empty:/sbin/nologin
_dhcp:*:77:77::0:0:DHCP programs:/var/empty:/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin
installer::0:0::0:0:DragonFly Installer:/root:/usr/sbin/installer
git_daemon:*:964:964::0:0:git daemon:/nonexistent:/usr/sbin/nologin
dhcpd:*:136:136::0:0:ISC DHCP daemon:/nonexistent:/usr/sbin/nologin
vagrant:$6$EhQczKCeEHSzEhRO$K0KlsR87LcJpFbL9oj9uQjc6SbQYmJLjBgatSBELkBrhzYDyqs89j.w1w7xqaLTNQzTtNyUhYd3HhzWhhHi4M1:1001:1001::0:0:User &:/home/vagrant:/bin/bash

Ở điểm này thì DragonFly BSD 6 và FreeBSD 14 giống nhau đều băm mật khẩu bằng thuật toán SHA512.

Băm mật khẩu bằng thuật toán SHA512 được qui định trong /etc/login.conf của DragonFly BSD 6.4.0.

# cat /etc/login.conf
# login.conf - login class capabilities database.
#
# Remember to rebuild the database after each change to this file:
#
#       cap_mkdb /etc/login.conf
#
# This file controls resource limits, accounting limits and
# default user environment settings.
#
# $FreeBSD: src/etc/login.conf,v 1.34.2.6 2002/07/02 20:06:18 dillon Exp $
#

# Default settings effectively disable resource limits, see the
# examples below for a starting point to enable them.

# defaults
# These settings are used by login(1) by default for classless users
# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"

# NOTE that /etc/COPYRIGHT is a local file that an admin can create to
# display additional copyright information to users on the system. It is
# not part of the standard distribution of DragonFly, nor is it meant to
# be identical to /COPYRIGHT.

default:\
        :passwd_format=sha512:\
        :copyright=/etc/COPYRIGHT:\
        :welcome=/etc/motd:\
        :setenv=BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\
        :mail=/var/mail/$:\
        :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/pkg/sbin /usr/pkg/bin ~/bin:\
        :nologin=/var/run/nologin:\
        :cputime=unlimited:\
        :datasize=unlimited:\
        :stacksize=unlimited:\
        :memorylocked=unlimited:\
        :memoryuse=unlimited:\
        :filesize=unlimited:\
        :coredumpsize=unlimited:\
        :openfiles=unlimited:\
        :maxproc=unlimited:\
        :posixlocks=unlimited:\
        :sbsize=unlimited:\
        :vmemoryuse=unlimited:\
        :priority=0:\
        :ignoretime@:\
        :umask=022:


#
# A collection of common class names - forward them all to 'default'
# (login would normally do this anyway, but having a class name
#  here suppresses the diagnostic)
#
standard:\
        :tc=default:
xuser:\
        :tc=default:
staff:\
        :tc=default:
daemon:\
        :tc=default:
news:\
        :tc=default:
dialer:\
        :tc=default:

#
# Root can always login
#
# N.B.  login_getpwclass(3) will use this entry for the root account,
#       in preference to 'default'.
root:\
        :ignorenologin:\
        :tc=default:

#
# Russian Users Accounts. Setup proper environment variables.
#
russian|Russian Users Accounts:\
        :charset=KOI8-R:\
        :lang=ru_RU.KOI8-R:\
        :tc=default:


######################################################################
######################################################################
##
## Example entries
##
######################################################################
######################################################################

## Example defaults
## These settings are used by login(1) by default for classless users
## Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
#
#default:\
#       :cputime=infinity:\
#       :datasize-cur=22M:\
#       :stacksize-cur=8M:\
#       :memorylocked-cur=10M:\
#       :memoryuse-cur=30M:\
#       :filesize=infinity:\
#       :coredumpsize=infinity:\
#       :maxproc-cur=64:\
#       :openfiles-cur=64:\
#       :priority=0:\
#       :requirehome@:\
#       :umask=022:\
#       :tc=auth-defaults:
#
#
##
## standard - standard user defaults
##
#standard:\
#       :copyright=/etc/COPYRIGHT:\
#       :welcome=/etc/motd:\
#       :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
#       :path=~/bin /bin /usr/bin /usr/local/bin:\
#       :manpath=/usr/share/man /usr/local/man:\
#       :nologin=/var/run/nologin:\
#       :cputime=1h30m:\
#       :datasize=8M:\
#       :vmemoryuse=100M:\
#       :stacksize=2M:\
#       :memorylocked=4M:\
#       :memoryuse=8M:\
#       :filesize=8M:\
#       :coredumpsize=8M:\
#       :openfiles=24:\
#       :maxproc=32:\
#       :priority=0:\
#       :requirehome:\
#       :passwordtime=90d:\
#       :umask=002:\
#       :ignoretime@:\
#       :tc=default:
#
#
##
## users of X (needs more resources!)
##
#xuser:\
#       :manpath=/usr/share/man /usr/local/man /usr/pkg/man:\
#       :cputime=4h:\
#       :datasize=12M:\
#       :vmemoryuse=infinity:\
#       :stacksize=4M:\
#       :filesize=8M:\
#       :memoryuse=16M:\
#       :openfiles=32:\
#       :maxproc=48:\
#       :tc=standard:
#
#
##
## Staff users - few restrictions and allow login anytime
##
#staff:\
#       :ignorenologin:\
#       :ignoretime:\
#       :requirehome@:\
#       :accounted@:\
#       :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
#       :umask=022:\
#       :tc=standard:
#
#
##
## root - fallback for root logins
##
#root:\
#       :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
#       :cputime=infinity:\
#       :datasize=infinity:\
#       :stacksize=infinity:\
#       :memorylocked=infinity:\
#       :memoryuse=infinity:\
#       :filesize=infinity:\
#       :coredumpsize=infinity:\
#       :openfiles=infinity:\
#       :maxproc=infinity:\
#       :memoryuse-cur=32M:\
#       :maxproc-cur=64:\
#       :openfiles-cur=1024:\
#       :priority=0:\
#       :requirehome@:\
#       :umask=022:\
#       :tc=auth-root-defaults:
#
#
##
## Settings used by /etc/rc
##
#daemon:\
#       :coredumpsize@:\
#       :coredumpsize-cur=0:\
#       :datasize=infinity:\
#       :datasize-cur@:\
#       :maxproc=512:\
#       :maxproc-cur@:\
#       :memoryuse-cur=64M:\
#       :memorylocked-cur=64M:\
#       :openfiles=1024:\
#       :openfiles-cur@:\
#       :stacksize=16M:\
#       :stacksize-cur@:\
#       :tc=default:
#
#
##
## Settings used by news subsystem
##
#news:\
#       :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
#       :cputime=infinity:\
#       :filesize=128M:\
#       :datasize-cur=64M:\
#       :stacksize-cur=32M:\
#       :coredumpsize-cur=0:\
#       :maxmemorysize-cur=128M:\
#       :memorylocked=32M:\
#       :maxproc=128:\
#       :openfiles=256:\
#       :tc=default:
#
#
##
## The dialer class should be used for a dialup PPP/SLIP accounts
## Welcome messages/news suppressed
##
#dialer:\
#       :hushlogin:\
#       :requirehome@:\
#       :cputime=unlimited:\
#       :filesize=2M:\
#       :datasize=2M:\
#       :stacksize=4M:\
#       :coredumpsize=0:\
#       :memoryuse=4M:\
#       :memorylocked=1M:\
#       :maxproc=16:\
#       :openfiles=32:\
#       :tc=standard:
#
#
##
## Site full-time 24/7 PPP/SLIP connections
## - no time accounting, restricted to access via dialin lines
##
#site:\
#       :ignoretime:\
#       :passwordtime@:\
#       :refreshtime@:\
#       :refreshperiod@:\
#       :sessionlimit@:\
#       :autodelete@:\
#       :expireperiod@:\
#       :graceexpire@:\
#       :gracetime@:\
#       :warnexpire@:\
#       :warnpassword@:\
#       :idletime@:\
#       :sessiontime@:\
#       :daytime@:\
#       :weektime@:\
#       :monthtime@:\
#       :warntime@:\
#       :accounted@:\
#       :tc=dialer:\
#       :tc=staff:
#
#
##
## Example standard accounting entries for subscriber levels
##
#
#subscriber|Subscribers:\
#       :accounted:\
#       :refreshtime=180d:\
#       :refreshperiod@:\
#       :sessionlimit@:\
#       :autodelete=30d:\
#       :expireperiod=180d:\
#       :graceexpire=7d:\
#       :gracetime=10m:\
#       :warnexpire=7d:\
#       :warnpassword=7d:\
#       :idletime=30m:\
#       :sessiontime=4h:\
#       :daytime=6h:\
#       :weektime=40h:\
#       :monthtime=120h:\
#       :warntime=4h:\
#       :tc=standard:
#
#
##
## Subscriber accounts. These accounts have their login times
## accounted and have access limits applied.
##
#subppp|PPP Subscriber Accounts:\
#       :tc=dialer:\
#       :tc=subscriber:
#
#
#subslip|SLIP Subscriber Accounts:\
#       :tc=dialer:\
#       :tc=subscriber:
#
#
#subshell|Shell Subscriber Accounts:\
#       :tc=subscriber:
#
##
## If you want some of the accounts to use traditional UNIX DES based
## password hashes.
##
#des_users:\
#       :passwd_format=des:\
#       :tc=default: