+++ Shanker Balan [linux-india] <22/02/02 18:24 +0530>:
> Apparently, the Linux glibc crypt() function is not exactly the same as
> the OpenSSL crypt() function, depending on the order in which you link
> -lcrypto and -lcrypt, you might end up with strange results.
Exactly the point I was making. The bsd and linux crypt()s are different in
nature.
> - Linux/FreeBSD style password hashes use $1$ and an 8 char salt.
> Depending on the salt, the Perl/PHP crypt functions hashed output will
> change.
Yup - so when you use software which generates bsd style passwords, and try
them out on linux?
> > on linux with (say) exim on linux ... and try to verify courier
> > passwords by throwing them at crypt().
> I don't think that will work. You will have to throw in the salt part to
> the crypt function as well.
that's right ... but throw them at the LINUX crypt() I mean.
> John against Debian shadow file:
> su-2.05a# john /mnt/deb-root/etc/shadow
> Loaded 3 passwords with 2 different salts (FreeBSD MD5 [32/32])
> john against FreeBSD 4.5:
> su-2.05a# john /etc/master.passwd
> Loaded 2 passwords with 2 different salts (FreeBSD MD5 [32/32])
> John sez that both are "FreeBSD MD5 [32/32]". Settled? :-D
Hmmm...
-srs
--
Suresh Ramasubramanian <----> mallet <at> efn dot org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin
[Linux One Stanza Tip] From : <[EMAIL PROTECTED]>
LOST #196 -**< Sub : Command execution timing >**-
To see how long it takes a command to run, type the word
"time" before the command name. Try: #time updatedb
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
