> Ok, but my doubt is: how can radius correctly check that a hash
> corresponds to the password without knowing what salt was used to
> generate that hash?
The salt is encoded in the encrypted password string and the crypt
function can extract it. In the classic crypt(3) function it's the
first 2 (6 bit) bytes of the encrypted string. That's why you call
crypt() like:
crypt(plain_text,encrypt_text);
crypt() extracts the salt from encrypt_text and uses it when encrypting
plain_text.
The point of the salt is to make it hard to generate a list of
pre-encrypted strings to compare against a password file. If
crypt("testing123") always returned the same encrypted string, then
it would be trivial to search password files for accounts with
"testing123" as their password, just look for the encrypted string.
The 2 byte salt of the classic crypt function means that there are
4096 possible encryptions of "testing123". Newer crypts use a more
complex salt/iteration with 16777216 possible permutations for any
given plain text.
So, in short, you always have the salt.
->Spike
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
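The calling convention Spike describes, crypt(plain_text, encrypt_text), works because the stored string is self-describing. The example below is added here and is not Spike's code or FreeRADIUS's; it substitutes the standard library's PBKDF2 for crypt(3) (which needs libcrypt) but keeps the same idea: the salt and parameters are parsed out of the stored string, so the verifier never needs the salt kept anywhere else. The `$pbkdf2$...` string layout is an assumed format for this example, not a real modular-crypt scheme identifier.

```python
import hashlib
import hmac
import secrets
import string

# Classic crypt(3) salt alphabet: 64 symbols, i.e. 6 bits per character,
# so a 2-character salt gives 64 ** 2 == 4096 possible encryptions.
SALT_ALPHABET = string.ascii_letters + string.digits + "./"


def classic_salt_space(chars=2):
    """Number of distinct classic crypt(3) salts of the given length."""
    return len(SALT_ALPHABET) ** chars


def make_salt(chars=16):
    """Random salt drawn from the crypt alphabet (16 chars is plenty today)."""
    return "".join(secrets.choice(SALT_ALPHABET) for _ in range(chars))


def hash_password(plain_text, salt=None, iterations=100_000):
    """Return a self-describing string: $pbkdf2$<iterations>$<salt>$<hex>.
    As with crypt(3), the salt travels inside the stored string."""
    if salt is None:
        salt = make_salt()
    dk = hashlib.pbkdf2_hmac("sha256", plain_text.encode(), salt.encode(), iterations)
    return f"$pbkdf2${iterations}${salt}${dk.hex()}"


def extract_salt(encrypt_text):
    """Parse (scheme, iterations, salt) out of a stored string."""
    _, scheme, iterations, salt, _digest = encrypt_text.split("$")
    return scheme, int(iterations), salt


def verify(plain_text, encrypt_text):
    """Analogue of crypt(plain_text, encrypt_text) == encrypt_text.
    The verifier recovers the salt from the stored string, re-derives
    the hash, and compares in constant time to avoid leaking a prefix match."""
    try:
        scheme, iterations, salt = extract_salt(encrypt_text)
    except ValueError:  # malformed stored string
        return False
    if scheme != "pbkdf2":
        return False
    candidate = hash_password(plain_text, salt, iterations)
    return hmac.compare_digest(candidate, encrypt_text)
```

Hashing the same password with two different salts yields two different stored strings, which is exactly what defeats a precomputed lookup table.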