From owner-freebsd-security Fri Feb 14 12:54:11 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA00502 for security-outgoing; Fri, 14 Feb 1997 12:54:11 -0800 (PST) Received: from bofh.cybercity.dk (bofh.cybercity.dk [195.8.128.254]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA00492 for ; Fri, 14 Feb 1997 12:54:05 -0800 (PST) Received: from critter.dk.tfs.com (phk.cybercity.dk [195.8.133.247]) by bofh.cybercity.dk (8.8.3/8.7.3) with ESMTP id VAA08940; Fri, 14 Feb 1997 21:56:31 +0100 (MET) Received: from critter.dk.tfs.com (localhost [127.0.0.1]) by critter.dk.tfs.com (8.8.2/8.8.2) with ESMTP id UAA09914; Fri, 14 Feb 1997 20:56:09 +0100 (MET) To: Mark Murray cc: security@freebsd.org Subject: Re: blowfish passwords in FreeBSD In-reply-to: Your message of "Fri, 14 Feb 1997 21:23:05 +0200." <199702141923.VAA18249@grackle.grondar.za> Date: Fri, 14 Feb 1997 20:56:08 +0100 Message-ID: <9912.855950168@critter.dk.tfs.com> From: Poul-Henning Kamp Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In message <199702141923.VAA18249@grackle.grondar.za>, Mark Murray writes: >> We already have a submission for SSH (?) passwords in a PR, they >> should be merged and documented. > >You mean SHA (secure hash algorithm). I have this FreeBSD ready. Well, if OpenBSD committed first, $2$ should stay assigned to whatever they used if to, and we should import their code. You should commit $3$ to SHA then. (I know I've been sitting on this forever :-( >This method expands on PHK's MD5 passwd(5) scheme where an encrypted >passwd that is not DES looks like $n$sssss$pppppppppp. Actually: $%d$%s$%s The length of the salt or output isn't constrained generally, only per algorithm. -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@tfs.com TRW Financial Systems, Inc. Power and ignorance is a disgusting cocktail.