Date: Tue, 29 Oct 2019 14:14:07 +0100 From: =?UTF-8?Q?Stefan_E=c3=9fer?= <se@freebsd.org> To: freebsd-hackers@freebsd.org Subject: Re: converting password hashes Message-ID: <6bc3f2ec-0b2b-bbcc-2636-7130f8567bb4@freebsd.org> In-Reply-To: <1A7D3067-D5D6-47A0-9F42-FCBF8A1A856D@transactionware.com> References: <alpine.BSF.2.20.1910291310310.72617@puchar.net> <1A7D3067-D5D6-47A0-9F42-FCBF8A1A856D@transactionware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 29.10.19 13:49, Jan Martin Mikkelsen wrote: >> On 29 Oct 2019, at 13:13, Wojciech Puchar <wojtek@puchar.net> wrote: >> >> i want to convert accouts from one system where there was mail-only accounts using dovecot/postfix based system and SQL tables to my system, where accounts are real unix accounts - that do mail and other things. >> >> I don't know all people's plaintext passwords, and i don't need to and want to, but i want new accounts to work with the same passwords >> >> in SQL tables there are entries like this: >> >> $1$aab7638c$Cn7BA/oU4mzr0QltXzV7Z0 >> >> and these works by simple cut and paste to /etc/master.passwd file >> >> >> but there are entries like: >> >> {PLAIN-MD5}c575f55800a549930b9063b43af04f47 >> >> that doesn't >> >> >> is there a way to make it work without contacting over hundred people and telling them what new password they have? > > If it is just MD5 with no salt, I suspect substituting “$1$$” for the “{PLAIN_MD5}” would be sufficient. I have not checked the code, this might even work (if there is no check for a non-empty hash). But the plain MD5 hashes have to be converted from hex to base64, too, since that is the expected encoding for $1$ password entries ... Regards, STefan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6bc3f2ec-0b2b-bbcc-2636-7130f8567bb4>