|
@@ -18,14 +18,14 @@ choice
|
|
|
help
|
|
help
|
|
|
Choose the password encoding scheme to use when Buildroot
|
|
Choose the password encoding scheme to use when Buildroot
|
|
|
needs to encode a password (eg. the root password, below).
|
|
needs to encode a password (eg. the root password, below).
|
|
|
-
|
|
|
|
|
|
|
+
|
|
|
Note: this is used at build-time, and *not* at runtime.
|
|
Note: this is used at build-time, and *not* at runtime.
|
|
|
|
|
|
|
|
config BR2_TARGET_GENERIC_PASSWD_DES
|
|
config BR2_TARGET_GENERIC_PASSWD_DES
|
|
|
bool "des"
|
|
bool "des"
|
|
|
help
|
|
help
|
|
|
Use standard 56-bit DES-based crypt(3) to encode passwords.
|
|
Use standard 56-bit DES-based crypt(3) to encode passwords.
|
|
|
-
|
|
|
|
|
|
|
+
|
|
|
Old, wildly available, but also the weakest, very susceptible to
|
|
Old, wildly available, but also the weakest, very susceptible to
|
|
|
brute-force attacks.
|
|
brute-force attacks.
|
|
|
|
|
|
|
@@ -33,7 +33,7 @@ config BR2_TARGET_GENERIC_PASSWD_MD5
|
|
|
bool "md5"
|
|
bool "md5"
|
|
|
help
|
|
help
|
|
|
Use MD5 to encode passwords.
|
|
Use MD5 to encode passwords.
|
|
|
-
|
|
|
|
|
|
|
+
|
|
|
The default. Wildly available, and pretty good.
|
|
The default. Wildly available, and pretty good.
|
|
|
Although pretty strong, MD5 is now an old hash function, and
|
|
Although pretty strong, MD5 is now an old hash function, and
|
|
|
suffers from some weaknesses, which makes it susceptible to
|
|
suffers from some weaknesses, which makes it susceptible to
|
|
@@ -43,7 +43,7 @@ config BR2_TARGET_GENERIC_PASSWD_SHA256
|
|
|
bool "sha-256"
|
|
bool "sha-256"
|
|
|
help
|
|
help
|
|
|
Use SHA256 to encode passwords.
|
|
Use SHA256 to encode passwords.
|
|
|
-
|
|
|
|
|
|
|
+
|
|
|
Very strong, but not ubiquitous, although available in glibc
|
|
Very strong, but not ubiquitous, although available in glibc
|
|
|
for some time now. Choose only if you are sure your C library
|
|
for some time now. Choose only if you are sure your C library
|
|
|
understands SHA256 passwords.
|
|
understands SHA256 passwords.
|
|
@@ -52,7 +52,7 @@ config BR2_TARGET_GENERIC_PASSWD_SHA512
|
|
|
bool "sha-512"
|
|
bool "sha-512"
|
|
|
help
|
|
help
|
|
|
Use SHA512 to encode passwords.
|
|
Use SHA512 to encode passwords.
|
|
|
-
|
|
|
|
|
|
|
+
|
|
|
Extremely strong, but not ubiquitous, although available in glibc
|
|
Extremely strong, but not ubiquitous, although available in glibc
|
|
|
for some time now. Choose only if you are sure your C library
|
|
for some time now. Choose only if you are sure your C library
|
|
|
understands SHA512 passwords.
|
|
understands SHA512 passwords.
|
|
@@ -178,17 +178,17 @@ config BR2_TARGET_GENERIC_ROOT_PASSWD
|
|
|
default ""
|
|
default ""
|
|
|
help
|
|
help
|
|
|
Set the initial root password (in clear). It will be md5-encrypted.
|
|
Set the initial root password (in clear). It will be md5-encrypted.
|
|
|
-
|
|
|
|
|
|
|
+
|
|
|
If set to empty (the default), then no root password will be set,
|
|
If set to empty (the default), then no root password will be set,
|
|
|
and root will need no password to log in.
|
|
and root will need no password to log in.
|
|
|
-
|
|
|
|
|
|
|
+
|
|
|
WARNING! WARNING!
|
|
WARNING! WARNING!
|
|
|
Although pretty strong, MD5 is now an old hash function, and
|
|
Although pretty strong, MD5 is now an old hash function, and
|
|
|
suffers from some weaknesses, which makes it susceptible to attacks.
|
|
suffers from some weaknesses, which makes it susceptible to attacks.
|
|
|
It is showing its age, so this root password should not be trusted
|
|
It is showing its age, so this root password should not be trusted
|
|
|
to properly secure any product that can be shipped to the wide,
|
|
to properly secure any product that can be shipped to the wide,
|
|
|
hostile world.
|
|
hostile world.
|
|
|
-
|
|
|
|
|
|
|
+
|
|
|
WARNING! WARNING!
|
|
WARNING! WARNING!
|
|
|
The password appears in clear in the .config file, and may appear
|
|
The password appears in clear in the .config file, and may appear
|
|
|
in the build log! Avoid using a valuable password if either the
|
|
in the build log! Avoid using a valuable password if either the
|
Thomas Petazzoni