Re: Unix Password Encryption Procedures

From: Stachu 'Dozzie' K. (cut-to-last-hypen-dozzie_at_dynamit.im.pwr.wroc.pl)
Date: 09/28/04

  • Next message: Kushal Agarwal: "Get Unix Groups"
    Date: Mon, 27 Sep 2004 22:42:39 +0000 (UTC)
    
    

    On 2004-09-27, Kushal Agarwal wrote:
    > I know that most Unix machines either use the DES encryption algorithm
    > or the MD5 encryption algorithm, I am wondering if there is any
    > flavour of unix which uses the kerberos (or anyother) methodology?
    >
    > Additonally, I know that the function crypt() is able to encrypt using
    > either the DES or the MD5 algorithm, depending on the salt supplied
    > with the function. I am curious as to given an encrypted string, is
    > there any "clean" (via a function(s)) way to determine what method was
    > used to encrypt the original string. I need to know how the original
    > string was encrypted so that I can use the same procedure to encrypt
    > the entered string (so that I may compare the stored and entered
    > strings).

    Yeap. You're right, there is one simple method. Look at this:

    #v+
    [dozzie%dynamit dozzie]$ perl -le 'print crypt "supersecretpassword", "salt"'
    saUkChKIZTKFs
    [dozzie%dynamit dozzie]$ perl -le 'print crypt "supersecretpassword", q"$1$salt"'
    $1$salt$ZGs1yAb55Neu4Xn5asyQI.
    #v-

    First password has simply two-letter salt prepended to DES-encrypted
    password string. Note that salt can't have '$' sign. Second password
    prepended $1$<here-salt>$ string. The "$1$" is the way to determine
    which algorithm was used.

    "man 3 crypt" command should tell you the rest.

    -- 
    Stanislaw Klekot
    

  • Next message: Kushal Agarwal: "Get Unix Groups"

    Relevant Pages

    • RE: 2007 User Level Security
      ... encrypted string. ... the way I use it is to encrypt user names and passwords and store the ... Dim prp As Property ... Dim dbs As Object, prp As Variant ...
      (microsoft.public.access.modulesdaovba)
    • Re: Workable encryption in Tcl??
      ... The longest string would be about the length ... How to encrypt a string ... nothing about binary formats. ... ># Perform ECB mode encryption on a plaintext block of BINARY data. ...
      (comp.lang.tcl)
    • RE: Using Win32 CryptDecrypt to Decrypt RijndaelManaged
      ... I figured out how to use RijndaelManaged with AES in the C++ app. ... C++ crypto WILL successfully decrypt the .NET generated ... I am trying to write a Win32 app that can decrypt that string using the ... I can get both to encrypt and decrypt successfully in their own projects, ...
      (microsoft.public.platformsdk.security)
    • Re: Decryptionfailed to bring original text back....
      ... cryptography, but now using them on web.config, any idea, I like to ... There isn't really much reason to encrypt a .NET string with ... what happen when you decrypt the encrypted ...
      (microsoft.public.dotnet.security)
    • Re: Decryptionfailed to bring original text back....
      ... them when it is not being used, decrypt them when connecting to database. ... arbitrary binary data) is that if you have a .NET string object, ... There isn't really much reason to encrypt a .NET string with ... I just started learning cryptography. ...
      (microsoft.public.dotnet.security)