Major Hayden 6bc192d0b9 V-3857{4,6,7}: Password hashing algorithms
Change-Id: If7437d65b1a9a1025f2d71d4a7cd3896e6e99746
2015-10-29 10:18:11 -05:00

The STIG requires SHA512 to be used for hashing passwords since it is in the list of FIPS 140-2 approved hashing algorithms. This is also the default in Ubuntu 14.04.

The libuser package isn't installed by default in Ubuntu or via openstack-ansible. The Ansible tasks will do the following:

  • Check to see if libuser is installed
  • If it's installed, it will check for the password hashing algorithm in /etc/libuser.conf
  • If libuser is installed and the password hashing algorithm isn't SHA512, an error will be printed and the playbook will fail
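
The same three checks as a stand-alone shell audit, added here as an illustration and not taken from the project's Ansible tasks. It assumes the algorithm is set by `crypt_style` in the `[defaults]` section of the libuser config and that the package is queried with `dpkg-query`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit libuser's password hashing setting.
# Assumption: the algorithm is the crypt_style key under [defaults].

# Step 1: is the libuser package installed? (Debian/Ubuntu package database)
libuser_installed() {
    dpkg-query -W -f='${Status}' libuser 2>/dev/null |
        grep -q 'install ok installed'
}

# Step 2: print the crypt_style value (lowercased) from a libuser.conf-style
# file. Only the [defaults] section is read; commented-out lines are ignored.
# If the key is repeated, the last value is reported (a choice made here).
libuser_crypt_style() {
    awk '
        /^[ \t]*#/ { next }
        /^[ \t]*\[/ {
            in_defaults = ($0 ~ /^[ \t]*\[defaults\][ \t]*$/)
            next
        }
        in_defaults && /^[ \t]*crypt_style[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")
            sub(/[ \t]+$/, "")
            style = tolower($0)
        }
        END { if (style != "") print style }
    ' "$1"
}

# Step 3: return 0 when compliant, 1 otherwise. A missing file means there is
# nothing to audit. An unset key is treated as a failure (assumption).
check_libuser_sha512() {
    conf=$1
    [ -f "$conf" ] || { echo "SKIP: $conf not present"; return 0; }
    style=$(libuser_crypt_style "$conf")
    if [ "$style" = "sha512" ]; then
        echo "OK: crypt_style is sha512"
        return 0
    fi
    echo "FAIL: crypt_style is '${style:-unset}', expected sha512" >&2
    return 1
}

# Usage: libuser_installed && check_libuser_sha512 /etc/libuser.conf
```
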

Further reading: