Date: Tue, 10 Jul 2001 09:05:32 -0600 From: "Jan L. Peterson" <jlp@runbox.com> To: Walter Campbell <wcampbel@botbay.net> Cc: Mike Tancsa <mike@sentex.net>, Jim Weeks <jim@siteplus.net>, stable@FreeBSD.ORG Subject: Re: Generating encrypted passwords Message-ID: <20010710150532.67ED041E6E@aurora.corp.flipdog.com> In-Reply-To: Your message of "Tue, 10 Jul 2001 10:24:55 EDT." <Pine.BSF.4.32.0107101023360.542-100000@botbay.net> References: <Pine.BSF.4.32.0107101023360.542-100000@botbay.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multipart MIME message. --==_Exmh_740581280 Content-Type: text/plain; charset=us-ascii wcampbel@botbay.net said: > A DES (and MD5) salt (and the rest of the hash) can contain a-z A-Z > 0-9 . and / Exactly... since we seem to be sharing, here's my script. No comments, please, about how it's not a very good password. It's good enough for my purposes (generating an initial password for a user account or htaccess file, typically). I know that crack would eat these passwords for breakfast. I use a different algorithm for generating passwords that are "important"... the FIPS 181 standard. -jan- -- Jan L. Peterson <jlp@runbox.com> --==_Exmh_740581280 Content-Type: text/plain ; name="mkpw"; charset=us-ascii Content-Description: mkpw Content-Disposition: attachment; filename="mkpw" #! /usr/local/bin/perl # # mkpw: generate a random password *or* display the crypted password # for a given plain text password (and optionally, salt) # # - Jan L. Peterson <jlp@runbox.com> @saltchars = ('.', '/', '0'..'9', 'A'..'Z', 'a'..'z'); $clear = shift; $salt = shift; $salt = &makesalt unless defined($salt); $clear = &makepw unless defined($clear); $pass = crypt($clear, $salt); print "$clear -> $pass\n"; sub makesalt { return($saltchars[int(rand(scalar(@saltchars)))] . $saltchars[int(rand(scalar(@saltchars)))]); } sub makepw { open(WORDS, '/usr/share/dict/words'); while (<WORDS>) { chop; $len = length($_); push(@three, $_) if $len == 3; push(@four, $_) if $len == 4; } close(WORDS); @sep = ('0'..'9', split(m//, '+,/=?^%*')); if (rand(2) >= 1) { $word = $three[int(rand(scalar(@three)))] . $sep[int(rand(scalar(@sep)))] . $four[int(rand(scalar(@four)))]; } else { $word = $four[int(rand(scalar(@four)))] . $sep[int(rand(scalar(@sep)))] . $three[int(rand(scalar(@three)))]; } return($word); } --==_Exmh_740581280-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010710150532.67ED041E6E>