+++ Shanker Balan [linux-india] <22/02/02 15:48 +0530>:
> Suresh Ramasubramanian wrote,
> > +++ Shanker Balan [linux-india] <22/02/02 12:21 +0530>:
> > > The Linux hashing scheme (taken from BSD IIRC) uses a MD5 algo with a 8
> > > char random salt prefixed by "$1$".
> > the linux md5 and the bsd md5 are a bit different - and md5sum will produce
> > different results on linux and *bsd :)
>
> This is not plain MD5, its MD5 with an 8 char random salt. "md5sum" does
> not use random salts. Most password hashing schemes use salt. NTLM
That's right.
> Looking at the passwd file in Linux and FreeBSD 4.5, i dont see any
> differrence in the hashing scheme. Both the OSes follow the same
> convention - "$1$somesalt$hashedpassword".
On a bsd machine ... a weird mix of crypt and md5. Plain old crypt() should
produce 13 chars of output, not 34, as in a bsd passwd field.
$1$eYrvxTAm$Wz4Wkxe5exy/5VhkuTnYH0 for example - 34 chars long, so neither
base64 nor hex. So, when you try using courier imap or vpop3d on linux with
(say) exim on linux ... and try to verify courier passwords by throwing them
at crypt().
$1 = md5, $2 = blowfish (on openbsd). After that, there's a separator from
the data. Then there's salt, till the third $, followed by the hashed and
base64 encoded password
-srs
--
Suresh Ramasubramanian <----> mallet <at> efn dot org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin
[Linux One Stanza Tip] From : <[EMAIL PROTECTED]>
LOST #171 -**< Sub : Searching for files (#1) >**-
To search for files that match a particular name, use find(1);
for example : find / -name "*GENERIC*" -ls
will search '/', and all subdirs, for files with 'GENERIC' in
the name.
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
