On Wed, 29 Apr 2020, Todd Gruhn wrote: > I found the master password file. The passwords that were set (root, > cvs, my account) > all start with $sha$ -- so the passwords are encrypted using SHA? > > If I write a PERL program that checks passwords (cant use crypt), how > would I do this? Any particular modules I need?
You will need to salt it the same way which For the C reference see __gensalt_sha1() and pw_gensalt() src/lib/libcrypt/pw_gensalt.c (NOTE: a pw_gensalt(3) manual page needs to be written) with example use in src/lib/libpam/modules/pam_unix/pam_unix.c and src/usr.bin/passwd/local_passwd.c (NOTE: the crypt(3) manual page needs to be updated to document the $sha1$ behavior.) For perl, you can try p5-CryptX or Digest::SHA (I think in default install perl install)
