Date: Sat, 25 Jan 2003 18:24:15 -0800 From: Nathan Kinkade <nkinkade@dsl-only.net> To: freebsd-questions@freebsd.org Subject: Re: Commands to check encrypted passwords (was Re: Misc Questions.) Message-ID: <20030126022415.GE2440@sub21-156.member.dsl-only.net> In-Reply-To: <200301252148.03388.will@unfoldings.net> References: <F66WZhKmcEntH4NnXoN0000e3f8@hotmail.com> <3E32DDB6.7040308@potentialtech.com> <20030125193503.GD2440@sub21-156.member.dsl-only.net> <200301252148.03388.will@unfoldings.net>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Sat, Jan 25, 2003 at 09:48:03PM +0200, Willie Viljoen wrote:
> Nathan,
>
> This won't work, the md5 system command is to generated md5 message digests.
> These are very different from salted passwords, which are a one-way
> encryption that will almost never be the same. Message digests are always the
> same, using them to encrypt passwords would be abit silly :)
>
> Digests are used (normally) to check the integrity of a downloaded file.
>
> To do this from the command line (without compiling a C program to use it from
> libcrypt) you can use perl, as Matthew Seamon points out:
>
> % perl -e 'print crypt(q{password}, q{$1$xxxxxxxx$}), "\n";'
> $1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.
>
> In this case, the xxxx's would be the 8 character MD5 salt.
>
> Will
Will,
Thanks for the clarification! My own ignorance on the subject led me to
post bad info to the list! I'll have to read up on all this.
Thanks,
Nathan
--
GPG Public Key ID: 0x4250A04C
gpg --keyserver pgp.mit.edu --recv-keys 4250A04C
http://63.105.21.156/gpg_nkinkade_4250A04C.asc
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQE+M0bPWZYS9EJQoEwRAmR0AKCwFrJ4W3uJeOD08Z2iPlIeqehQUQCeKqdG
B68+s1RNYeyg9KWt0VZEroY=
=9CvK
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030126022415.GE2440>