ezbounce v2.0 Encrypted Passwords Setup
---------------------------------------------------------
Last Updated: $Date: 2008-04-15 21:12:46 -0500 (Tue, 15 Apr 2008) $

1. Introduction

By default, ezbounce stores passwords in plain text in its configuration
file. In version 2.0, support was added to store passwords in a
cryptographically hashed format.

2. Setup

Setting up encrypted passwords is quite simple. First, build the provided
mkpasswd tool by typing "make tools" (it will be created in the tools/
directory). Run mkpasswd, type in each plaintext password, and obtain its
hashed form.

Then add the following line to your ezbounce configuration:

    set encrypted-passwords 1

Users' passwords are set the same way as before. Just use the output from
the mkpasswd utility as the password value. Here's an example configuration:

    set encrypted-passwords 1

    user "steve" {
        ...
        set password "$1$Z2QDBfbZ$hig6I37JAsYjYuyNAWA.f0"
    }

    user "joe" {
        ...
        set password "$1$4YIeU6PH$nrFONLwDkNBMijkm7GN1q1"
    }

3. Details

See tools/README.mkpasswd for operational details of the mkpasswd tool.

Note that if you choose to use encrypted passwords, all users' passwords
must be set in this format (that is, you cannot leave certain ones as
plaintext).

The supported cryptographic hash methods depend on your system. Almost all
systems will support DES, while modern Linux and *BSD systems will support
MD5 as well, and possibly Blowfish. Be sure to use the strongest method
available on your system. DES, in particular, has some weaknesses and only
utilizes the first 8 characters of the password.
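
The script below is an added example, not part of ezbounce or its mkpasswd
tool: it reads a configuration in the format shown in section 2 and reports
users whose password is not in crypt hash form, or is a DES hash. The function
names, the format patterns and the "ann" and "bob" entries are assumptions made
for illustration.

```python
import re

# Heuristic shape checks for crypt(3)-style strings (hypothetical helper names).
SCHEMES = [
    ("md5", re.compile(r"^\$1\$[./0-9A-Za-z]{1,8}\$[./0-9A-Za-z]{22}$")),
    ("blowfish", re.compile(r"^\$2[abxy]?\$\d\d\$[./0-9A-Za-z]{53}$")),
    # DES: 2 salt + 11 hash chars; a 13-char plaintext could also match this.
    ("des", re.compile(r"^[./0-9A-Za-z]{13}$")),
]
USER_RE = re.compile(r'user\s+"([^"]+)"\s*\{(.*?)\}', re.S)
PASS_RE = re.compile(r'set\s+password\s+"([^"]*)"')
ENC_RE = re.compile(r"^\s*set\s+encrypted-passwords\s+1\s*$", re.M)

def classify(value):
    """Name the hash scheme a password value looks like, else 'plaintext'."""
    for name, rx in SCHEMES:
        if rx.match(value):
            return name
    return "plaintext"

def audit(config_text):
    """Return (encrypted_enabled, {user: scheme}, [findings])."""
    enabled = bool(ENC_RE.search(config_text))
    schemes, findings = {}, []
    for user, body in USER_RE.findall(config_text):
        m = PASS_RE.search(body)
        if not m:
            findings.append(f"{user}: no password set")
            continue
        scheme = schemes[user] = classify(m.group(1))
        if enabled and scheme == "plaintext":
            findings.append(f"{user}: not a crypt hash but encrypted-passwords is 1")
        elif not enabled and scheme != "plaintext":
            findings.append(f"{user}: looks hashed but encrypted-passwords is not set")
        elif scheme == "des":
            findings.append(f"{user}: DES hash, only the first 8 characters are used")
    return enabled, schemes, findings

# Constructed sample: steve/joe use the hashes shown above; ann/bob are made up.
SAMPLE = '''
set encrypted-passwords 1
user "steve" { set password "$1$Z2QDBfbZ$hig6I37JAsYjYuyNAWA.f0" }
user "joe" { set password "$1$4YIeU6PH$nrFONLwDkNBMijkm7GN1q1" }
user "ann" { set password "hunter2" }
user "bob" { set password "abCDefGHijKLm" }
'''

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)[2]))
```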