Linux Upgrade Password Hashing Algorithm to SHA-512

To upgrade the password hashing algorithm to SHA-512 on a Linux system, follow these steps:

  1. Open the /etc/login.defs file with a text editor, such as vi or nano.
  2. Locate the line that contains the ENCRYPT_METHOD parameter. If the parameter is commented out with a # symbol, remove the symbol to uncomment it.
  3. Change the value of ENCRYPT_METHOD from the default value to SHA512.

For example, the line should look like this after the change:

      ENCRYPT_METHOD SHA512

  4. Save and close the file.
  5. Change the password of each user on the system so that the new SHA-512 algorithm is used. To do this, use the passwd command followed by the username.

For example, to change the password for the user john, run the following command:

      sudo passwd john

  6. Enter and confirm the new password when prompted.

Note that after you change the password, the new hash will be stored in the /etc/shadow file. This file should only be readable by the root user, to protect the security of the password hashes.
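A follow-up check for the steps above, as an added example that is not part of the original page: changing ENCRYPT_METHOD only affects passwords set afterwards, so this script lists accounts whose stored hash is still not SHA-512 (crypt prefix `$6$`). The function names and the sample files are constructed for illustration; on a real host, run the two functions as root against /etc/login.defs and /etc/shadow.

```shell
#!/bin/sh
# Added example: audit copies of login.defs and shadow after the change above.

# Print the active (uncommented) ENCRYPT_METHOD value from a login.defs-format file.
encrypt_method() {
    awk '$1 == "ENCRYPT_METHOD" { v = $2 } END { if (v != "") print v }' "$1"
}

# Print "user scheme" for each account whose stored hash is not SHA-512 ($6$).
stale_hashes() {
    awk -F: '{
        h = $2
        sub(/^!+/, "", h)                 # leading "!" = locked; the hash follows it
        if (h == "" || h == "*") next     # no password hash stored
        if (h ~ /^\$6\$/) next            # SHA-512 crypt: already upgraded
        if      (h ~ /^\$5\$/)  s = "SHA-256"
        else if (h ~ /^\$1\$/)  s = "MD5"
        else if (h ~ /^\$/)     s = "other"   # bcrypt, yescrypt, etc.
        else if (length(h) == 13 && h ~ "^[./0-9A-Za-z]+$") s = "DES"
        else                    s = "unknown"
        print $1, s
    }' "$1"
}

# Constructed sample files (fake salts and hashes, not real credentials).
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cat > "$WORK/login.defs" <<'EOF'
#ENCRYPT_METHOD DES
ENCRYPT_METHOD SHA512
EOF
cat > "$WORK/shadow" <<'EOF'
root:$6$constructedsalt$constructedhash:19000:0:99999:7:::
john:$1$constructed$constructedhash:18000:0:99999:7:::
alice:$5$constructedsalt$constructedhash:18500:0:99999:7:::
legacy:ab0123456789A:17000:0:99999:7:::
svc:!$1$constructed$constructedhash:18000:0:99999:7:::
daemon:*:19000:0:99999:7:::
EOF

echo "ENCRYPT_METHOD: $(encrypt_method "$WORK/login.defs")"
echo "Accounts still needing 'passwd <user>':"
stale_hashes "$WORK/shadow"
```

Locked accounts such as svc in the sample are still reported, because the old hash becomes usable again as soon as the account is unlocked.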
