Date: Mon, 15 Nov 2004 10:42:55 +0100 From: Pawel Wieleba <wielebap@volt.iem.pw.edu.pl> To: freebsd-current@freebsd.org Cc: Ivan Voras <ivoras@fer.hr> Subject: Re: Passwd format? Message-ID: <20041115094255.GA19206@volt.iem.pw.edu.pl> In-Reply-To: <4196398D.2030000@fer.hr> References: <4196398D.2030000@fer.hr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 13, 2004 at 05:42:53PM +0100, Ivan Voras wrote: > The Handbook and crypt(3) say passwords in master.passwd are MD5 hashes > if they start with $1$, for example: > > $1$DP.s8oCc$VJo0/026/S5ng6HlD1Sz8/ > > the format is $1$salt$rest. I have several questions: > > How are the values encoded? This looks something like base64. > > Is it possible to actually verify the password against this format using > only a bare implementation of the md5 algorithm? No. > > Actually, the reason for these questions is that I'm considering using > LDAP authentication on a machine with lots of users and I'm wondering if > existing passwd information could be transported to LDAP. Any > experiences/docs on this? Yes of course. I have migrated from /etc/master.passwd to LDAP. I've used MigrationTools and changed them to support FreeBSD /etc/master.passwd file. www.padl.com/download/MigrationTools.tgz A patch to migrate_common.ph is available from my web: www.iem.pw.edu.pl/~wielebap/ldap/migrationtools/migrate_common.ph.diff A have created a new migrate_masterpasswd.pl (changed migrate_passwd.pl) www.iem.pw.edu.pl/~wielebap/ldap/migrationtools/migrate_masterpasswd.pl You can also use pam_ldap to migrate password hash from one to another hash format: http://www.freebsd.org/cgi/query-pr.cgi?pr=71289 www.iem.pw.edu.pl/~wielebap/ldap/pam_ldap/pam_ldap_doc.pdf (section 1) It may be helpful to see PRs: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/73448 http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/72867 Pawel Wieleba P.Wieleba@iem.pw.edu.pl
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041115094255.GA19206>