Re: Password Encryption Blues

From: Bernd Eckenfels (ecki-news2002-05@lina.inka.de)
Date: 05/23/02

• Next message: Felix Tilley: "Re: IP address <--> Global Positioning System (GPS)"
• Previous message: Bernd Eckenfels: "Re: IP address <--> Global Positioning System (GPS)"
• In reply to: The One and Only duck: "Re: Password Encryption Blues"
• Next in thread: Matt Barton: "Re: Password Encryption Blues"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Bernd Eckenfels <ecki-news2002-05@lina.inka.de>
Date: 23 May 2002 19:51:45 GMT

The One and Only duck <root@home.right.now> wrote:
>> ( freebsd accepts MD5 oo, but i think the format will be recognized automativally)
>>
> Just for completeness of reference - RedHat 7.2 defaults to md5 too.

FreeBSD has a modular hash, the first $x$ gives the algo ciper, 1=md5,
2=blowfish.

If it does not start with $1$ it defaults to DES

crypt(3):

    The first argument to crypt is the data to hash (usually a password), in
     a null-terminated string. The second is the salt, in one of three forms:

           Extended If it begins with an underscore (`_'') then the DES
                        Extended Format is used in interpreting both the key
                        and the salt, as outlined below.
           Modular If it begins with the string `$digit$'' then the Mod-
                        ular Crypt Format is used, as outlined below.
           Traditional If neither of the above is true, it assumes the Tradi-
                        tional Format, using the entire string as the salt (or
                        the first portion).
...
    The global default format can be set using the /etc/auth.conf file using
     the crypt_default property.

And FreeBSD defaults to SHA1, supporting MD5, depending on the first letter
of the hash.

Using the "md5" option to passwd pam module under linux without the shadow
file does create $1$xxxxx on my Debian Box, too.

Greetings
Bernd

---

• Next message: Felix Tilley: "Re: IP address <--> Global Positioning System (GPS)"
• Previous message: Bernd Eckenfels: "Re: IP address <--> Global Positioning System (GPS)"
• In reply to: The One and Only duck: "Re: Password Encryption Blues"
• Next in thread: Matt Barton: "Re: Password Encryption Blues"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Password Encryption Blues ... >> (freebsd accepts MD5 oo, but i think the format will be recognized automativally) ... FreeBSD has a modular hash, the first $x$ gives the algo ciper, 1=md5, ... And FreeBSD defaults to SHA1, supporting MD5, depending on the first letter ... (comp.security.unix) how to replace corrupted /sbin/init ... Thanks Gilad, it looks like my /sbin/init is corrupted. ... Subject: verify md5 for /sbin/init on ... FreeBSD Stable 4.9 ... (freebsd-questions) Re: Installing OpenOffice 1.1 question ... Plain ol' md5 is probably what you're looking for. ... first time I tried it in FreeBSD -- I was used to it being called md5sum ... (freebsd-questions) rfc2385 support ... I'm trying to find out if any release of FreeBSD supports MD5 as per ... I will be using it with quagga on BGP session authentication. ... (freebsd-net) md5 hash request: ... Does anybody have the md5 has value of /usr/bin/netstat ... of a FreeBSD 4.4 RELEASE #0 which whas securely boxed? ... Arie ... To unsubscribe, ... (FreeBSD-Security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)