[ic] [interchange] Add back 'UserDB ui crypt' setting

Peter peter at pajamian.dhs.org
Thu Nov 19 21:09:46 UTC 2015


On 11/20/2015 03:16 AM, Josh Lavin wrote:
> Quoting Peter (peter at pajamian.dhs.org):
>> On 11/19/2015 11:28 AM, Josh Lavin wrote:
>>>  UserDB ui database   access
>>> +UserDB ui crypt      1
>>>  UserDB ui bcrypt     1
>>>  UserDB ui promote    1
>>>  UserDB ui cost       13
>>
>> This change should not be needed, crypt is implied by bcrypt. Did you
>> have some issue with just bcrypt set?
> 
> I was told crypt was also necessary. It seems to work either way in the
> Admin

It's not required and documentation shows not to use it:

>       + Example usage: if my "ui" profile is configured with
>         "crypt" (as it is by default), I have crypt() passwords in
>         the access table:
>
>         UserDB  ui  crypt 1
>
>         I first change and promote to bcrypt by replacing the above
>         with:
>
>         UserDB  ui  promote 1
>         UserDB  ui  bcrypt  1
>         UserDB  ui  bcrypt_pepper {some reasonably long random string}

> -- however, in the catalog, I found crypt to be necessary.

My own usage never required it for userdb either, what happened that
made you think it's required?


Peter



More information about the interchange-users mailing list