Hi,
As per php - Where 2x prefix are used in BCrypt? - Stack Overflow, there’s no functional difference between $2a$ and $2y$.
However a minor problem arises when using something like “htpasswd -nB -C 12” to generate a hash: the output has $2y$ as the variant, but these hashes are not validated by Search Guard.
Modifying $2y$ to $2a$ in sg_internal_users.yml works fine, so the question is: would it be possible for Search Guard to accept $2y$ variant hashes? Modifying the hash after it’s output can be problematic.
Thanks!
CK
Has this been implemented in SG yet? I’m running 5.5.2-16 and still can’t use $2y$
Thanks!
···
On Saturday, 12 August 2017 09:03:36 UTC+12, Search Guard wrote:
https://github.com/bcgit/bc-java/issues/207
Am 19.07.2017 um 05:03 schrieb CK posth...@gmail.com:
Hi,
As per https://stackoverflow.com/questions/15733196/where-2x-prefix-are-used-in-bcrypt, there’s no functional difference between $2a$ and $2y$.
However a minor problem arises when using something like “htpasswd -nB -C 12” to generate a hash: the output has $2y$ as the variant, but these hashes are not validated by Search Guard.
Modifying $2y$ to $2a$ in sg_internal_users.yml works fine, so the question is: would it be possible for Search Guard to accept $2y$ variant hashes? Modifying the hash after it’s output can be problematic.
Thanks!
CK
–
You received this message because you are subscribed to the Google Groups “Search Guard” group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
To post to this group, send email to search...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/d14a4d9b-c8d1-4953-a801-6ea919f45b1d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
