Date: Sun, 28 Nov 1999 23:42:29 -0700 From: "J.C. Frazier" <wolfman@csocs.com> To: Tom <tom@sdf.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: apache13-fp-modssl problem with passwords Message-ID: <38422055.2906C9B2@csocs.com> References: <Pine.BSF.4.05.9911282040030.2406-100000@misery.sdf.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Tom wrote: > > bash-2.03# file author.exe > > author.exe: BSD/OS i386 compact demand paged executable > > Statically link (since it doesn't say dynamic, it has to be static), and > it is a BSD/OS executable, and I doubt that the crypt() function on BSD/OS > knows anything about MD5 passwords. > > > I also checked the service.pwd files and it is encrypting it in DES: > > bash-2.03# john /usr2/www/user/_vti_pvt/service.pwd > > Loaded 1 password (Standard DES [24/32 4K]) > > correctpassword (user) <--- (real pass and username left out of > > this e-mail) > > > > Just not sure about the process of decryption on frontpage or how the > > passwords are matched... > > Try a DES password in master.passwd. If frontpage works with that, then > you must either use DES passwords for everyone who wants to use frontpage, > or get RTR Software to make a FreeBSD build of the frontpage executables. > > > J.C. Frazier > > Tom > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message Very Interesting indeed. I did as you sugested and changed a users password in /etc/master.passwd into des. Failed login via telnet/ftp, and password mismatch via frontpage. I then tried it with vipw so that all the dbs would be updated. Same results. It seems my crypt() doesn't know the difference between md5, des, and a hole in it's head. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38422055.2906C9B2>