On Wed, 2002-07-31 at 11:44, Dave Logan wrote:
> Is there "no way" to make freeradius look at the regular
> 32 chars hashes?
Erm, they _are_ 32 char digests.... - just that your first
implementation was wrong.
To clarify - the digests you (we) are using here are 32 char MD5
hashes, with '$1$' as the magic, and the 8 chars immediately following
that are used as the salt.
Here's an example :
$1$fUQUfY0M$qarq3C1dDephPbGgaRdoe/
It's irrelevant what the original string was, as it wouldn't hash into
an identical digest again, anyways (without salt at least - see
below)...
It's also worth noting (for those that don't already know, anyways...)
that these digests are on-way - they can't be decrypted. To test the
pass, we take a string, hash it *using the salt from the digest we have*
(ie: substr(3,8) ), and compare the digests.
--
Cheers,
Mattt. icq : 117539757
Network and Tech Guy, www1 : http://www.pulse.nq4u.net
Expressnet. www2 : http://www.expressnet.net.au
[EMAIL PROTECTED] jabber: [EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
