From owner-freebsd-questions  Tue Feb 20 15:33:06 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id PAA14496
          for questions-outgoing; Tue, 20 Feb 1996 15:33:06 -0800 (PST)
Received: from rocky.sri.MT.net (rocky.sri.MT.net [204.182.243.10])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id PAA14487
          for <freebsd-questions@FreeBSD.org>; Tue, 20 Feb 1996 15:33:03 -0800 (PST)
Received: (from nate@localhost) by rocky.sri.MT.net (8.6.12/8.6.12) id QAA12323; Tue, 20 Feb 1996 16:35:28 -0700
Date: Tue, 20 Feb 1996 16:35:28 -0700
From: Nate Williams <nate@sri.MT.net>
Message-Id: <199602202335.QAA12323@rocky.sri.MT.net>
To: Rich Siggs <rich@goliath.spirit.net.au>
Cc: jkh@time.cdrom.com (Jordan K. Hubbard), freebsd-questions@FreeBSD.org
Subject: Re: Q: exportable DES library ...
In-Reply-To: <199602202243.JAA04935@goliath.spirit.net.au>
References: <24113.824814381@time.cdrom.com>
	<199602202243.JAA04935@goliath.spirit.net.au>
Sender: owner-questions@FreeBSD.org
Precedence: bulk

[ Removed -stable from the list ]

> >  The default password "encryption" with 1.x
> > was a simple scrambler and about as difficult to break as a Captain
> > Midnight decoder ring, fresh from a box of cereal.
> 
> 	Cute - yet more motivation to solve this.. :/

Well, it wasn't *quite* that bad. :)

> > That might actually work to your advantage, however.  Nate - what was
> > the algorithm you used?  I don't have any 1.x sources around to check.
> 
> 	From the 1.1 srcdist I've got, it appears that 1.1 libcrypt sources
> call MD5 routines, yet there are references to the need for DES
> routines in the libc crypt.. Confusion reigns, could someone help me
> identify the actual default/original passwd encryption routines used
> by 1.1.5.1-RELEASE, with what src distrib they're in, etc?

The default crypt exists in /usr/src/lib/libc/*/crypt.c, which I'm
pretty sure has the DES comments in it, but it has been awhile.

> > It may well be that you can write a perl script to descramble the
> > puppies and then re-DES or MD5 encrypt them.

Unfortunately, it's not that easy.  The scrambler routine was stolen
from a Minix posting from the mid 80's which was written because the
default Minix password encrypter which could be reversed.

Now, the scrambler routine might be reversable, but I don't know of any
script to do that.  When we first installed it it was pretty easy to
'reverse' the default encryption since the default was plain-text
passwords, but moving from the scrambler to MD5 or DES might be
difficult.


Nate