Hello:
Suresh Ramasubramanian wrote,
> > This is not plain MD5, its MD5 with an 8 char random salt. "md5sum"
> > does not use random salts. Most password hashing schemes use salt.
> > NTLM
>
> That's right.
>
> > Looking at the passwd file in Linux and FreeBSD 4.5, i dont see any
> > differrence in the hashing scheme. Both the OSes follow the same
> > convention - "$1$somesalt$hashedpassword".
> On a bsd machine ... a weird mix of crypt and md5. Plain old crypt()
> should produce 13 chars of output, not 34, as in a bsd passwd field.
I don't think so. This is what crypt(3) sez:
<quote>
If the salt begins with the string $digit$ then the Modular
Crypt Format is used.
[..]
Currently supported algorithms are:
1. MD5
2. Blowfish
</quote>
This is the case in Linux also.
Then again, i think this password hashing business is all screwed up.
For example, on my recompiled slapd with --tls, auth fails if i use
"$1$somesalt$therest" passwords in the userPassword attribute. Without
TLS, the same hash works for authentication.
Apparently, the Linux glibc crypt() function is not exactly the same as
the OpenSSL crypt() function, depending on the order in which you link
-lcrypto and -lcrypt, you might end up with strange results.
Sadly, I cant read C code to ascertain for myself! :(
As i understand it:
- Plain crypt is MD5 with a 2 char salt. This is what the PHP (and Perl
IIRC) crypt function provides if no salt is passed to the function.
- Linux/FreeBSD style password hashes use $1$ and an 8 char salt.
Depending on the salt, the Perl/PHP crypt functions hashed output will
change.
> $1$eYrvxTAm$Wz4Wkxe5exy/5VhkuTnYH0 for example - 34 chars long, so
> neither base64 nor hex. So, when you try using courier imap or vpop3d
> on linux with (say) exim on linux ... and try to verify courier
> passwords by throwing them at crypt().
I don't think that will work. You will have to throw in the salt part to
the crypt function as well.
$1$ + samesalt + cleartext password = $1$somesalt$therest
You will _always_ get the same hash if the salt and the clear text
string are constant.
> $1 = md5, $2 = blowfish (on openbsd).
Yes.
> After that, there's a separator from the data. Then there's salt,
> till the third $, followed by the hashed and base64 encoded password
Basically, the leading $1$ is the answer. if hash begins with a $1$,
then its MD5 crypt with a 8 char salt. This _should_ be the same on all
implementations (but its not like in my slapd+tls case).
One way to settle this, run "john" against the password files! :-D
John against Debian shadow file:
su-2.05a# john /mnt/deb-root/etc/shadow
Loaded 3 passwords with 2 different salts (FreeBSD MD5 [32/32])
john against FreeBSD 4.5:
su-2.05a# john /etc/master.passwd
Loaded 2 passwords with 2 different salts (FreeBSD MD5 [32/32])
John sez that both are "FreeBSD MD5 [32/32]". Settled? :-D
-- Shanu
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
