On Thu, 3 Jun 1999, Maurice Hendrix wrote:
> Hi,
>
> I have a question about password encryption used by Linux (PAM I think).
>
> Could somebody explain to me why it would be impossible to write a program
> that will decrypt a password taken from the /etc/passwd file (or it's
> shadow) using the inverse of the encryption algorithm? What *is* the
> encryption algorithm used anyway?
Because the password is encrypted with itself as the key. Since you don't
know the password, you don't know the key, and so you cannot decrypt.
To check a ginen password, it is encrypted and the result is checked
against the one in /etc/passwd (or /etc/shadow on most modern systems).
Frank
> If that isn't a challenge already, try to answer slowly in plain English (I
> do have fair understanding of math).
>
> TIA,
> --
> Maurice Hendrix
>
> snailmail: Fuji Photo Film BV Standard disclaimers apply
> Dept. P1LPI
> attn. M. Hendrix
> PO Box 90156
> 5000 LJ Tilburg
> phone: +31 13-579 1370 or fax: +31 13-579 1385
>
> - Still 19 months to go until the next millenium...
>
