Joe Modjeski wrote:
> The ENCRYPT() function should be the one to use since MySQL just passes it
> through to your systems crypt() function. I know on the American version of
> the crypto libs on FreeBSD(using export controlled crypto) and Linux you can
> control the type of password created by the salt that was used to create the
> hash.
>
> A good test is to to encrypt in MySQL the same password you use to login to
> your UNIX box passing it the system hashed version (out of /etc/passwd or
> /etc/shadow) of the password as the salt. ie
>
> SELECT ENCRYPT('mypass','<hashedpass>');
>
> MySQL should return an exact copy of <hashedpass>. If not then it is possible
> that MySQL is linked to the wrong crypto libs.
This might be true. I use MD5 passwords on my RH7.1 box, but the return value of
ENCRYPT() looks decidedly like the old crypt() (it's SHORT!)
I'm not at the office right now; when I get there I'll simply try to copy the
password field from /etc/shadow into the table and see what happens.
> I have FreeRadius running on 4 RH7 boxes using both DES and MD5 crypted hashes
> and have had no problems. With the exeption of some old FreeBSD hashes that
> used a 16 character MD5 salt.
But do you use MySQL, especifically the stock RedHat RPM one (like me)? It might
have been miscompiled.
> Joe
--
Juan Carlos Castro y Castro | "Standing up to an evil system is
[EMAIL PROTECTED] | exhilarating." -Richard Stallman
Rio de Janeiro - Brazil |
DC4DC #25 | http://www.vialink.com.br/~jcastro
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
