Date: Tue, 10 Feb 1998 17:44:40 +0100 (CET) From: Benjamin Gras <ben@nl.euro.net> To: isp@FreeBSD.ORG Subject: Re: Passwords.. Message-ID: <199802101644.RAA04045@support.euronet.nl> In-Reply-To: <Pine.BSF.3.96.980210170437.22575D-100000@datorn.teligent.se> from Jakob Alvermark at "Feb 10, 98 05:07:30 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Hi there, > Is it possible to convert DES-encrypted passwords to MD5-encrypted > passwords? (linux to FreeBSD) Don't count on it. Those functions (hashing functions) are designed with the primary goal in mind being irreversibility, so a conversion (short of brute force reversing) would depend on an obscure relation between the two functions, allowing a conversion without reversing. The establishment of the unlikelyhood of this Feature is left as an exercise to the (really patient) reader :). > How can linux use DES passwords outside the states? (Is linux breaking the > law?) Last I heard the DES-based password crypt(3) function is exportable because DES isn't used as a cipher but as a hashing function. There's an important difference, which you're encountering right now.. As for a practical solution (I'd say): Why not make FreeBSD use the DES-based passwords, and patch login(1) to hash (using MD5-style) the password when you've verified the plaintext entered password is correct (by hashing it DES-style as login(1) will do), writing it back into the (master.) passwd file? This way you can do the conversion, in a way.. =Ben To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802101644.RAA04045>