How to Enable SHA-3 Password Hashing in Fedora 25 PAM

To enable SHA-3 for password hashing in Fedora 25 PAM, you need to modify the PAM configuration file. Here's how:

1. Open a terminal and log in as root or use sudo to run the following commands with administrative privileges.

2. Open the PAM configuration file for the desired service using a text editor. For example, to modify the configuration for the 'sshd' service, run:

sudo vi /etc/pam.d/sshd

3. Find the line containing the 'password' module. It might look like this:

password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=

4. Add the following line below the existing 'password' module line to include SHA-3:

password    [success=1 default=ignore] pam_unix.so sha512 sha3_512

Note: 'sha512' is included for compatibility with systems that might not support SHA-3.

5. Save the file and exit the text editor.

6. Restart the PAM service to apply the changes:

sudo systemctl restart systemd-logind.service

Note: Restarting the service may log out active users, so inform them before proceeding.

After completing these steps, PAM should now use SHA-3 for password hashing. Remember to thoroughly test the changes before using them in a production environment.