Re: Unix Password Encryption Procedures
From: Stachu 'Dozzie' K. (cut-to-last-hypen-dozzie_at_dynamit.im.pwr.wroc.pl)
Date: 09/28/04
- Previous message: Kushal Agarwal: "Unix Password Encryption Procedures"
- In reply to: Kushal Agarwal: "Unix Password Encryption Procedures"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 27 Sep 2004 22:42:39 +0000 (UTC)
On 2004-09-27, Kushal Agarwal wrote:
> I know that most Unix machines either use the DES encryption algorithm
> or the MD5 encryption algorithm, I am wondering if there is any
> flavour of unix which uses the kerberos (or anyother) methodology?
>
> Additonally, I know that the function crypt() is able to encrypt using
> either the DES or the MD5 algorithm, depending on the salt supplied
> with the function. I am curious as to given an encrypted string, is
> there any "clean" (via a function(s)) way to determine what method was
> used to encrypt the original string. I need to know how the original
> string was encrypted so that I can use the same procedure to encrypt
> the entered string (so that I may compare the stored and entered
> strings).
Yeap. You're right, there is one simple method. Look at this:
#v+
[dozzie%dynamit dozzie]$ perl -le 'print crypt "supersecretpassword", "salt"'
saUkChKIZTKFs
[dozzie%dynamit dozzie]$ perl -le 'print crypt "supersecretpassword", q"$1$salt"'
$1$salt$ZGs1yAb55Neu4Xn5asyQI.
#v-
First password has simply two-letter salt prepended to DES-encrypted
password string. Note that salt can't have '$' sign. Second password
prepended $1$<here-salt>$ string. The "$1$" is the way to determine
which algorithm was used.
"man 3 crypt" command should tell you the rest.
-- Stanislaw Klekot
- Previous message: Kushal Agarwal: "Unix Password Encryption Procedures"
- In reply to: Kushal Agarwal: "Unix Password Encryption Procedures"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
