[lug] generating linux passwords using openssl
charles at lunarmedia.net
charles at lunarmedia.net
Sun Apr 29 12:22:43 MDT 2001
> Your /etc/shadow is using md5. If you look at all of the passwords, you
> will find that they all start (or most of them) with a $1. You might try
> the -apr1 flag on openssl and see what you get. I don't know enough about
> how md5 works to tell you what the salt is.
>
> Hugh
>
Thanks, when i run the plaintext password against -apr1
I am still not getting an exact match with /etc/shadow, but
I would imagine that is because I don't know the correct salt
to use as a suggestion of how to encrypt.
I'll read up more on md5. If you find out how you are derive
their salt from an existing password, please pass it on.
Thanks -charles
>
> "charles at lunarmedia.net"
> >
> > i'm messing around with taking a plain text password and running
> >
> > openssl passwd -salt <characters> <passphrase>
> >
> > to compare the outcome with entries in my /etc/shadow file. the output i
> > am seeing from this command is very different from the output i see in
> > /etc/shadow.
> >
> > for example, in /etc/shadow, i see:
> >
> > test:$1$1pqC/5DL$d/xHPgKHEilQeSqcArGNP0
> >
> > test is a user whose passphrase is "charles"
> >
> > i think that the salt for this password is "$1$" (the first three
> > characters, right?)
> >
> > when i run:
> >
> > openssl passwd -salt $1$ charles
> >
> > i get:
> >
> > $AdaOyvpHrybM
> >
> > which is considerably different. the only options i see for encryption
> > methods under openssl are -apr1 for md5 and -crypt which is the default
> > and is standard unix encryption.
> >
> > why such a difference in the two hashes?
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
More information about the LUG
mailing list