I noticed that daemons have their own login class in /etc/login.conf
with an entry for localcipher and a number of blowfish rounds.

(1)Does increasing the rounds in this case improve security, do nothing
or make for future problems? Currently daemon's do not have a password
entry. I was cleaning up /etc/login.conf and wanted all of the
blowfish rounds to be set at a minimum of 15.

(2)A second question would be for which daemons might I expect to ever
see a password used for daemons? or is this login class set up as a
matter of security "housekeeping" so as to make it impossible for
someone to log in as a daemon and the actual method of password
encryption has no actual effect on the system.


Just asking.


TIA