A client was concerned that their password hash was MD5. A check of the /etc/shadow file showed: user:$6$UAxaIY9I$hAkj … The first field annotated by a ‘$’ (: is the delimiter) is 6 = SHA256 (1 = MD5) And /etc/pam.d/common-password specifies it: password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass[…]
A client specified external testing of a Debian distro with another distro’s FIPS module compiled in. This was pretty interesting. We tested to make sure SSH1 doesn’t work at all and SSH2 does with the following cyphers: aes128-ctr, aes192-ctr, aes256-ctr, aes128-cbc, 3des-cbc, aes192-cbc, aes256-cbc, rijndael-cbc@lysator.liu.se and the following keys: RSA, ECDSA, DSA