On 5/2/07, Chas Owens <[EMAIL PROTECTED]> wrote:
> On 5/2/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> snip
> > I have tested crypt() on debian, and redhat. Same problems. The hash values
> > do not match each other.
> snip
>
> It looks like your /etc/shadow file is not using crypt to store the
> passwords on that system.
>
> from man shadow
> The password field must be filled. The encrypted password consists of
> 13 to 24 characters from the 64 character alphabet a thru z, A thru Z,
> 0 thru 9, \. and /. Optionally it can start with a "$" character. This
> means the encrypted password was generated using another (not DES)
> algorithm. For example if it starts with "$1$" it means the MD5-based
> algorithm was used.
>
Never mind, John's email is the one you should pay attention to.
The relevant doc is perldoc -f crypt:
    When verifying an existing digest string you should use the
    digest as the salt (like "crypt($plain, $digest) eq $digest").
    The SALT used to create the digest is visible as part of the
    digest. This ensures crypt() will hash the new string with the
    same salt as the digest. This allows your code to work with
    the standard crypt and with more exotic implementations. In
    other words, do not assume anything about the returned string
    itself, or how many bytes in the digest matter.

    Traditionally the result is a string of 13 bytes: two first
    bytes of the salt, followed by 11 bytes from the set
    "[./0-9A-Za-z]", and only the first eight bytes of the digest
    string mattered, but alternative hashing schemes (like MD5),
    higher level security schemes (like C2), and implementations on
    non-UNIX platforms may produce different strings.
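
Added example, not part of the original message or of perldoc: a Perl sketch of the check quoted above, showing that the same password hashed with a different salt does not match the stored value, while crypt($plain, $digest) does, for both a traditional and a "$1$" entry. The names scheme_of and verify_password, the password and the salts are constructed for illustration, and the script assumes the local crypt() supports both schemes (it reports when one is not supported).

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Name the scheme from the shape of the stored field, following the
# man shadow text quoted above. (Hypothetical helper.)
sub scheme_of {
    my ($stored) = @_;
    return 'MD5-based'        if $stored =~ /^\$1\$/;
    return 'other $-prefixed' if $stored =~ /^\$/;
    return 'traditional DES'  if $stored =~ m{^[./0-9A-Za-z]{13}$};
    return 'unknown';
}

# Verify a plaintext against a stored digest, using the digest itself as
# the salt so crypt() selects the same scheme and salt. (Hypothetical helper.)
sub verify_password {
    my ($plain, $stored) = @_;
    # An empty field or one starting with ! or * holds no usable hash.
    return 0 if !defined $stored || $stored eq '' || $stored =~ /^[!*]/;
    my $candidate = crypt($plain, $stored);
    # crypt() can fail when the local libc does not support the scheme.
    return 0 if !defined $candidate;
    return $candidate eq $stored ? 1 : 0;
}

# Constructed sample data: the hashes are generated here, not copied from
# any real system. Each entry is [salt used to store, a different salt].
my %salts = (
    'traditional DES' => [ 'ab',           'xy' ],
    'MD5-based'       => [ '$1$saltsalt$', '$1$othersal$' ],
);

for my $name (sort keys %salts) {
    my ($salt, $other) = @{ $salts{$name} };
    my $stored = crypt('secret', $salt);
    if (!defined $stored || $stored =~ /^\*/) {
        print "$name: not supported by this crypt()\n";
        next;
    }
    my $fresh = crypt('secret', $other);    # same password, different salt
    printf "%s: stored entry looks like %s\n", $name, scheme_of($stored);
    printf "  rehash with a different salt matches: %s\n",
        (defined $fresh && $fresh eq $stored) ? 'yes' : 'no';
    printf "  verify('secret') = %d, verify('wrong') = %d\n",
        verify_password('secret', $stored), verify_password('wrong', $stored);
}
```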