Message-ID: <3EF2417B.2080204@mac.com>
Date: Thu, 19 Jun 2003 19:04:27 -0400
From: Chuck Swiger
Organization: The Courts of Chaos
To: Tim Legg
cc: freebsd-questions@freebsd.org
Subject: Re: Passwords and MD5

Tim Legg wrote:
[ ... ]
> nerdy:$1$1xYw.V8w$IozDgrd4srvZPPqu85cR..:1005:1006::0:0:Mr. Know-it-all:/home/nerdy:/bin/sh
>
> The $1$ means we are in fact using MD5.
>
> but when I run md5 in the command line, I get
>
> $ md5 -s FreeBSD
> MD5 ("FreeBSD") = a3dc630729e463135f4e608954fa6e19
>
> which is considerably different.

Starting with the simpler case of a classic DES-based password, what happens is that the system doesn't just hash or encrypt the user's plaintext password, but the password plus a randomly chosen two-letter "salt", which was intended to make it difficult to simply DES plaintext and compare to the encoded password.

With regard to MD5, try taking the ASCII representation above, converting it to the raw hexadecimal equivalent, and then running that through b64encode.  :-)

-- 
-Chuck
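
Added example (not part of the original message, and not FreeBSD's own source): a Python rendering of the salted, iterated md5crypt construction that produces "$1$" fields, showing why such a field never equals a bare "md5 -s" digest and how a login check re-uses the stored salt. The names md5crypt, check_password and FIELD are illustrative; FIELD is the password field quoted above, and the two salts in the demo are constructed.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def md5crypt(password: bytes, salt: bytes) -> str:
    """Return the "$1$salt$hash" string for password (md5crypt scheme)."""
    salt = salt[:8]  # only the first 8 salt characters are used
    alt = hashlib.md5(password + salt + password).digest()
    ctx = hashlib.md5(password + b"$1$" + salt)
    for n in range(len(password), 0, -16):
        ctx.update(alt[:min(n, 16)])
    n = len(password)
    while n:  # one extra byte per bit of the password length
        ctx.update(b"\x00" if n & 1 else password[:1])
        n >>= 1
    final = ctx.digest()
    for i in range(1000):  # 1000 more MD5 rounds mixing password, salt, digest
        c = hashlib.md5(password if i & 1 else final)
        if i % 3:
            c.update(salt)
        if i % 7:
            c.update(password)
        c.update(final if i & 1 else password)
        final = c.digest()
    out = []  # crypt(3)-style base64: permuted bytes, low 6 bits first
    for a, b, d in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
        v = final[a] << 16 | final[b] << 8 | final[d]
        out += [ITOA64[v >> s & 0x3F] for s in (0, 6, 12, 18)]
    out += [ITOA64[final[11] & 0x3F], ITOA64[final[11] >> 6]]
    return "$1$" + salt.decode("ascii") + "$" + "".join(out)

def check_password(candidate: bytes, stored: str) -> bool:
    """Re-hash candidate with the salt stored in the field, then compare."""
    _, scheme, salt, _ = stored.split("$")
    if scheme != "1":
        raise ValueError("not a $1$ (md5crypt) field")
    return hmac.compare_digest(md5crypt(candidate, salt.encode("ascii")), stored)

# Password field from the master.passwd line quoted in the message.
FIELD = "$1$1xYw.V8w$IozDgrd4srvZPPqu85cR.."

if __name__ == "__main__":
    print("salt in stored field:", FIELD.split("$")[2])
    print("bare MD5            :", hashlib.md5(b"FreeBSD").hexdigest())
    # Constructed salts: the same password yields unrelated strings per salt.
    print("md5crypt, salt A    :", md5crypt(b"FreeBSD", b"saltAAAA"))
    print("md5crypt, salt B    :", md5crypt(b"FreeBSD", b"saltBBBB"))
```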