Date: Tue, 29 Oct 2019 14:14:07 +0100 From: =?UTF-8?Q?Stefan_E=c3=9fer?= <se@freebsd.org> To: freebsd-hackers@freebsd.org Subject: Re: converting password hashes Message-ID: <6bc3f2ec-0b2b-bbcc-2636-7130f8567bb4@freebsd.org> In-Reply-To: <1A7D3067-D5D6-47A0-9F42-FCBF8A1A856D@transactionware.com> References: <alpine.BSF.2.20.1910291310310.72617@puchar.net> <1A7D3067-D5D6-47A0-9F42-FCBF8A1A856D@transactionware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 29.10.19 13:49, Jan Martin Mikkelsen wrote:
>> On 29 Oct 2019, at 13:13, Wojciech Puchar <wojtek@puchar.net> wrote:
>>
>> i want to convert accouts from one system where there was mail-only accounts using dovecot/postfix based system and SQL tables to my system, where accounts are real unix accounts - that do mail and other things.
>>
>> I don't know all people's plaintext passwords, and i don't need to and want to, but i want new accounts to work with the same passwords
>>
>> in SQL tables there are entries like this:
>>
>> $1$aab7638c$Cn7BA/oU4mzr0QltXzV7Z0
>>
>> and these works by simple cut and paste to /etc/master.passwd file
>>
>>
>> but there are entries like:
>>
>> {PLAIN-MD5}c575f55800a549930b9063b43af04f47
>>
>> that doesn't
>>
>>
>> is there a way to make it work without contacting over hundred people and telling them what new password they have?
>
> If it is just MD5 with no salt, I suspect substituting “$1$$” for the “{PLAIN_MD5}” would be sufficient.
I have not checked the code, this might even work (if there is no check
for a non-empty hash).
But the plain MD5 hashes have to be converted from hex to base64, too,
since that is the expected encoding for $1$ password entries ...
Regards, STefan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6bc3f2ec-0b2b-bbcc-2636-7130f8567bb4>