Fabien COELHO wrote: > > Dear Bruce, > > > Yes, the problem is that we used the username for the salt, just like > > FreeBSD does for its MD5 passwords. > > Not that I know of on FreeBSD? > > shell> uname -a > FreeBSD palo-alto2.ensmp.fr 4.9-STABLE FreeBSD 4.9-STABLE #5: Mon Mar 1 21:31:30 > CET 2004 [EMAIL PROTECTED]:/usr/src/sys/compile/IAR2M i386 > > shell> grep coelho /var/yp/master.passwd > coelho:$1$00EacB0I$4kQ/HmqFFQANZP/mxj8ZX0:210:20::0:0:COELHO, > Fabien:/users/cri/coelho:/usr/local/bin/bash > ^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^ > salt some base 64 encoding of 1002 paranoid md5 computations. > > Even of the salt is based on the login, the point is that it is stored > separatly, so the system does not rely on the login string to check the > password.
Oh, I thought FreeBSD used the username. Not sure were we got that idea. I know we needed a different salt only so users with the same password would not have the same MD5 value. -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
