Date: Sat, 25 Jan 2003 21:48:03 +0200 From: Willie Viljoen <will@unfoldings.net> To: nkinkade@dsl-only.net Cc: freebsd-questions@freebsd.org Subject: Commands to check encrypted passwords (was Re: Misc Questions.) Message-ID: <200301252148.03388.will@unfoldings.net> In-Reply-To: <20030125193503.GD2440@sub21-156.member.dsl-only.net> References: <F66WZhKmcEntH4NnXoN0000e3f8@hotmail.com> <3E32DDB6.7040308@potentialtech.com> <20030125193503.GD2440@sub21-156.member.dsl-only.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Nathan,
This won't work, the md5 system command is to generated md5 message diges=
ts.=20
These are very different from salted passwords, which are a one-way=20
encryption that will almost never be the same. Message digests are always=
the=20
same, using them to encrypt passwords would be abit silly :)
Digests are used (normally) to check the integrity of a downloaded file.
To do this from the command line (without compiling a C program to use it=
from=20
libcrypt) you can use perl, as Matthew Seamon points out:
% perl -e 'print crypt(q{password}, q{$1$xxxxxxxx$}), "\n";'
$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.
In this case, the xxxx's would be the 8 character MD5 salt.
Will
On Saturday 25 January 2003 21:35, Nathan Kinkade wrote:
> On Sat, Jan 25, 2003 at 01:55:50PM -0500, Bill Moran wrote:
> <snip>
>
> > >2. What command can i use if I want to crypt a word and I see it
> > >encrypoted just like the /etc/master.passwd file? For example, I wan=
t to
> > >know how the password "foobar" would be encrypted in /etc/master.pas=
swd
> > >if It would be my real passwd.
> >
> > I don't know the answer to this one, check the source.
>
> <snip>
>
> If you are using md5 password hashing for master.passwd then you can us=
e
> the command:
> # md5 -s "mypassword"
> This should show you what the string ``mypassword'' will hash to using
> md5. However, the other options are des and blf (blowfish). To see
> which you are using check the paramter passwd_format in /etc/login.conf=
=2E
> I don't know what you would use to figure the others, at least not
> through bash.
>
> Nathan
--=20
Willie Viljoen
Freelance IT Consultant
214 Paul Kruger Avenue, Universitas
Bloemfontein
9321
South Africa
+27 51 522 15 60
+27 51 522 44 36 (after hours)
+27 82 404 03 27 (mobile)
will@unfoldings.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200301252148.03388.will>