Re: Redhat shadow file.
- From: ggr@xxxxxxxxxxxx (Gregory G Rose)
- Date: 31 Aug 2006 12:53:39 -0700
In article <1157044408.764003.109150@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
Mike <mglasspo@xxxxxxx> wrote:
I think it is a salted MD5. It looks like this:
$1$iONPlxvS$PVRh6jALAMVuURjy17xDG.
Which looks like $1$ followed by a 8 char hash followed by the result
of the hash of the MD5.
Yes, it is. It's the Gnu extended version of the
password. From the crypt(3) man page on a linux
system:
The glibc2 version of this function has the following additional fea-
tures. If salt is a character string starting with the three charac-
ters "$1$" followed by at most eight characters, and optionally termi-
nated by "$", then instead of using the DES machine, the glibc crypt
function uses an MD5-based algorithm, and outputs up to 34 bytes,
namely "$1$<string>$", where "<string>" stands for the up to 8 charac-
ters following "$1$" in the salt, followed by 22 bytes chosen from the
set [a-zA-Z0-9./]. The entire key is significant here (instead of only
the first 8 bytes).
It doesn't actually say how the MD5 is done, but
as far as I know it's just MD5(salt | password). I
could be wrong. Note that the encoding is not
standard base-64, although it's close.
Greg.
--
Greg Rose
232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C
Qualcomm Australia: http://www.qualcomm.com.au
.
- References:
- Redhat shadow file.
- From: Mike
- Redhat shadow file.
- Prev by Date: Re: Redhat shadow file.
- Next by Date: Re: Redhat shadow file.
- Previous by thread: Re: Redhat shadow file.
- Next by thread: Re: Redhat shadow file.
- Index(es):
Relevant Pages
|
|
