On Thu, 6 Sep 2001 at 02:32, Ian C. Sison wrote:
> Added lots of nifty stuff like auto-sensing crypt and crypt-md5
> passwords
How can you tell which portion of the encrypted password is the encrypted
password? Here's why I ask. The /etc/shadow, when using MD5, will normally
have between the first and the second colon delimeters something like
this:
$1$yLW0nUNi$98qwZGOcwYTAyqwRlbj/u0
The first thing that I noticed as common were the first three letters. So
I chopped those out and put something like this:
userPassword: {MD5}yLW0nUNi$98qwZGOcwYTAyqwRlbj/u0
But then slappasswd, when creating MD5 passwords, will spew out something
like this:
{MD5}NBeXPNZ/N7B35WuC8Mwwbw==
I compare the lengths and I notice another thing common among the stuff in
/etc/shadow. The 9th character is a dollar sign.
So is the only "password" portion the last part, in something like this:
{MD5}98qwZGOcwYTAyqwRlbj/u0
?
It's a little bit shorter than slappasswd's output, and well ... I tried
and it still won't work.
I've found a better solution to my primitive crypt script, though. I use
slappasswd (duh! hahaha!) to create an SSHA encrypted password then plug
this in. Unfortunately to do this for every user will require them to
re-encode their passwords and that'll be one hell of a task for us all. :(
So I still need to figure out how to get my MD5 passwords from /etc/shadow
into ldap.
--> Jijo
--
Federico Sevilla III :: [EMAIL PROTECTED]
Network Administrator :: The Leather Collection, Inc.
GnuPG Key: <http://jijo.leathercollection.ph/jijo.gpg>
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
