Date: Thu, 19 Jun 2003 19:04:27 -0400 From: Chuck Swiger <cswiger@mac.com> To: Tim Legg <legg@iastate.edu> Cc: freebsd-questions@freebsd.org Subject: Re: Passwords and MD5 Message-ID: <3EF2417B.2080204@mac.com> In-Reply-To: <Pine.OSF.3.95.1030619173423.18159A-100000@isua1.iastate.edu> References: <Pine.OSF.3.95.1030619173423.18159A-100000@isua1.iastate.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Tim Legg wrote: [ ... ] > nerdy:$1$1xYw.V8w$IozDgrd4srvZPPqu85cR..:1005:1006::0:0:Mr. Know-it-all:/home/nerdy:/bin/sh > > The $1$ means we are in fact using MD5. > > but when I run md5 in the command line, I get > > $ md5 -s FreeBSD > MD5 ("FreeBSD") = a3dc630729e463135f4e608954fa6e19 > > which is considerably different. Starting with the simpler case of a classic DES-based password, what happens is that the system doesn't just hash or encrypt the user's plaintext password, but the password plus a randomly chosen two-letter "salt", which was intended to make it difficult to simply DES plaintext and compare to the encoded password. With regard to MD5, try taking the ASCII representation above, converting it to the raw hexidecimal equivalent, and then running that through b64encode. :-) -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EF2417B.2080204>