Date: Mon, 20 Sep 1999 23:40:54 -0600 From: Damien Tougas <dtougas@converging.net> To: Dan Busarow <dan@dpcsys.com> Cc: freebsd-questions@freebsd.org Subject: Re: How does this password encryption stuff work? Message-ID: <19990920234054.A13838@converging.net> In-Reply-To: <Pine.BSF.3.96.990920172823.14288D-100000@java.dpcsys.com> References: <19990920162535.A96199@converging.net> <Pine.BSF.3.96.990920172823.14288D-100000@java.dpcsys.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Are you saying that if the password was 'secure' that the key would be 'se'? I have tried that but have not had any luck as of yet. It seems that only passwords encrypted in master.passwd will work. I have tried using both crypt and bdes, both did not seem to work. One thing that I did notice wat that crypt and bdes used weird shapes and other strage characters, where as all encrypted passwords in master.passwd are just basic ascii characters. I must be missing somthing here, but I'm not sure what. Any suggestions are very much appreciated. My application is this: ProFTPd allows you to set a different password for a user using the UserPassword directive in the config file. The problem is that the new password in the config file must be encrypted (as is said in the documentation using the crypt() command). I do not know how to effectively encrypt a plain text password so that it works. The only way I have been able to do it is by pulling the already incrypted password from master.passwd. -- Damien Tougas Converging Technology Solutions, Inc. Phone: (780)469-1679 Fax: (780)461-5127 E-mail: dtougas@converging.net http://www.converging.net > > I am trying to understand how password encryption works using a tool > > such as the crypt command. I recently had to put an encrypted password > > in a config file for a program, and was not sure how exactly to do it. > > What I ended up doing was temorarily creating a user with the password > > that I wanted, then copied the encrypted password from master.passwd > > into the config file, then deleted the user. I know ther is a simpler > > way to do this, but I do not understand how it works. If I use the > > crypt program, I am required to put in a key. That means that the > > encrypted password could be anything, which I suppose is good, but > > how does the program then compare the password the user enters it with > > the actual encrypted password, if it does non know what the key is? > > The "key" is the first two characters of the plain text password. > > Dan > -- > Dan Busarow 949 443 4172 > Dana Point Communications, Inc. dan@dpcsys.com > Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990920234054.A13838>