Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 29 Dec 2001 13:49:46 -0600 (CST)
From:      Ryan Thompson <ryan@sasknow.com>
To:        <freebsd-security@freebsd.org>
Subject:   MD5 password salt calculation
Message-ID:  <20011229133456.J99302-100000@catalyst.sasknow.net>

next in thread | raw e-mail | index | archive | help

Hey everybody,

Is there an accepted/standard method of calculating the crypt() salt
for *new* passwords with MD5?

I'm looking at usr.bin/passwd/local_passwd.c, and
usr.sbin/pw/pw_user.c, and see two apparently different approaches.
Further, I see that the algorithm in -STABLE has changed since 3.x,
and maybe it's even changed again in -CURRENT.

What I'm looking for is a _portable_ MD5 algorithm that I can build in
to a new application. It is likely that sysadmins will want to import
their old MD5 and possibly DES passwords, and it is entirely possible
they will want to EXPORT passwords from my application back to their
own passwd database, so I need to retain compatibility. I suppose the
initial salt can be calculated differently, and still work, but I'd
still like to get it right.

So, before I go hacking, hopefully someone can give me a clue to where
I can look to calculate a new MD5 salt.

Thanks!
- Ryan

-- 
  Ryan Thompson <ryan@sasknow.com>
  Network Administrator, Accounts

  SaskNow Technologies - http://www.sasknow.com
  #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2

        Tel: 306-664-3600   Fax: 306-664-1161   Saskatoon
  Toll-Free: 877-727-5669     (877-SASKNOW)     North America


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011229133456.J99302-100000>