From owner-freebsd-current@FreeBSD.ORG Sun Nov 14 09:07:46 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 39DBF16A4CE for ; Sun, 14 Nov 2004 09:07:46 +0000 (GMT) Received: from anduin.net (anduin.net [212.12.46.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id DD3B443D1F for ; Sun, 14 Nov 2004 09:07:45 +0000 (GMT) (envelope-from ltning@anduin.net) Received: from mailnull by anduin.net with dspam-scanned (Exim 4.43 (FreeBSD)) id 1CTGJ1-000OBQ-GM for current@freebsd.org; Sun, 14 Nov 2004 10:04:19 +0100 Received: from mailnull by anduin.net with spamassassin-scanned (Exim 4.43 (FreeBSD)) id 1CTGIy-000OBE-Aw for current@freebsd.org; Sun, 14 Nov 2004 10:04:19 +0100 Received: from ranger.anduin.net ([81.0.162.52] helo=[192.168.1.10]) by anduin.net with esmtp (Exim 4.43 (FreeBSD)) id 1CTGIy-000OBB-5t; Sun, 14 Nov 2004 10:04:16 +0100 In-Reply-To: <4196398D.2030000@fer.hr> References: <4196398D.2030000@fer.hr> Mime-Version: 1.0 (Apple Message framework v675) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <9317D906-361C-11D9-A154-000D9335BCEC@anduin.net> Content-Transfer-Encoding: 7bit From: =?ISO-8859-1?Q?Eirik_=D8verby?= Date: Sun, 14 Nov 2004 10:07:13 +0100 To: Ivan Voras X-Mailer: Apple Mail (2.675) X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on anduin.net X-Spam-Level: X-Spam-Status: No, hits=-4.9 required=7.5 tests=AWL,BAYES_00 autolearn=ham version=2.64 cc: current@freebsd.org Subject: Re: Passwd format? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Nov 2004 09:07:46 -0000 Hi, On the OpenLDAP homepages are a collection of tools that can be used to import existing passwd (and other) data sources into LDAP. I have done this on my ex-NIS-server, and am now using LDAP on all the other servers to authenticate. The passwords were imported just fine, and are working just fine. Took me a while to find those tools though; look here: http://www.padl.com/OSS/MigrationTools.html You might have to hack the scripts slightly to have them run on FreeBSD, but it took me about 2 minutes to do so. Amazing how easy it was after having tried myself for the last 2 days... ;) Good luck! /Eirik On 13. Nov 2004, at 17:42, Ivan Voras wrote: > The Handbook and crypt(3) say passwords in master.passwd are MD5 > hashes if they start with $1$, for example: > > $1$DP.s8oCc$VJo0/026/S5ng6HlD1Sz8/ > > the format is $1$salt$rest. I have several questions: > > How are the values encoded? This looks something like base64. > > Is it possible to actually verify the password against this format > using only a bare implementation of the md5 algorithm? > > Actually, the reason for these questions is that I'm considering using > LDAP authentication on a machine with lots of users and I'm wondering > if existing passwd information could be transported to LDAP. Any > experiences/docs on this? > > Thanks! > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to > "freebsd-current-unsubscribe@freebsd.org" > > > Hi, On the OpenLDAP homepages are a collection of tools that can be used to import existing passwd (and other) data sources into LDAP. I have done this on my ex-NIS-server, and am now using LDAP on all the other servers to authenticate. The passwords were imported just fine, and are working just fine. Took me a while to find those tools though; look here: http://www.padl.com/OSS/MigrationTools.html You might have to hack the scripts slightly to have them run on FreeBSD, but it took me about 2 minutes to do so. Amazing how easy it was after having tried myself for the last 2 days... ;) Good luck! /Eirik On 13. Nov 2004, at 17:42, Ivan Voras wrote: The Handbook and crypt(3) say passwords in master.passwd are MD5 hashes if they start with $1$, for example: $1$DP.s8oCc$VJo0/026/S5ng6HlD1Sz8/ the format is $1$salt$rest. I have several questions: How are the values encoded? This looks something like base64. Is it possible to actually verify the password against this format using only a bare implementation of the md5 algorithm? Actually, the reason for these questions is that I'm considering using LDAP authentication on a machine with lots of users and I'm wondering if existing passwd information could be transported to LDAP. Any experiences/docs on this? Thanks! _______________________________________________ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"