CRYPTOGRAPHY IN VADMIN
-----------------------

There are two ways you can use cryptography in VADMIN. You can either
use the builtin rc4 function, or you can use algorithms provided by
mcrypt. However, once you have decided on one or the other, you can't
go back, or all your saved preferences will go caput.

BUILTIN RC4
------------
Just set MCRYPT_ALGO to "rc4_builtin" to use the builtin rc4 functions
(default setting).

MCRYPT
--------
You will need to recompile PHP with MCRYPT support.  See
http://www.php.net/mcrypt for instructions on how to get, compile, and
install libmcrypt. You will need libmcrypt version 2.4.x or
newer. After you have installed libmcrypt, recompile PHP with this
flag: "--with-mcrypt".

CRYPTO_HASH_LINE and MCRYPT_ALGO
--------------------------------
These are the environment variables which are set in the apache include
file (see SECURITY for more info). CRYPTO_HASH_LINE can have any value
long enough to be able to safely encrypt the sensitive data, although
you should keep in mind that depending on the algorythm you choose,
this line may be truncated to fit the algorythm needs.

MCRYPT_ALGO is the algorythm name to be used by MCRYPT. This has to be
a symmetric algorythm and support ECB encryption mode. For the list of 
available algorythms see your libmcrypt documentation. The default 
setting is "blowfish", but you can and are encouraged to change it to 
some other strong algorythm to make it even harder to brute-force the
passwords. Possible choices are:

blowfish
twofish
tripledes
gost
serpent

and others.

If at any point you decide you wish to a different HASH_LINE and/or
MCRYPT_ALGO, you may do so, but all stored passwords and preferences
will become invalid and will be discarded the first time they
fail. You will have to log into each domain and make sure new values
are stored. This can be quite a hassle if you have a lot of domains,
so choose wisely. :)

