Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 23 Dec 2013 02:50:07 +0000
From:      "Teske, Devin" <Devin.Teske@fisglobal.com>
To:        RW <rwmaillists@googlemail.com>
Cc:        Devin Teske <dteske@freebsd.org>, "Teske, Devin" <Devin.Teske@fisglobal.com>, FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: setting encrypted password for a user
Message-ID:  <1FCEF95A-F37A-4A57-B3A8-AE67776749BE@fisglobal.com>
In-Reply-To: <20131223005530.352d08fb@gumby.homeunix.com>
References:  <1387690591.75236.YahooMailNeo@web165002.mail.bf1.yahoo.com> <79C9317F-84B9-4F8F-8D5F-4DE0B63ED056@fisglobal.com> <20131223005530.352d08fb@gumby.homeunix.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Dec 22, 2013, at 4:55 PM, RW wrote:

> On Sun, 22 Dec 2013 05:47:08 +0000
> Teske, Devin wrote:
>=20
>>=20
>> On Dec 21, 2013, at 9:36 PM, M. V. wrote:
>>=20
>>> hello,
>>>=20
>>> I'm using FreeBSD-8.2. I have a program which sends "MD5=20
>>> of the new password" of a user to me, and I want to reset user's
>>> password with it. I realized I can use "chpass" to set encrypted
>>> password for a user, but it needs salt and I couldn't make it work
>>> without it. so I wanted to know:
>>> - can I set user's password in FreeBSD if I have only MD5 of the
>>> password? how?
>>>=20
>>=20
>> echo 'MD5-HASH' | pw usermod username -H 0
>=20
> Presumably that's  just a way inserting the salted hash. If
> you simply have the md5 of a password it shouldn't be possible to
> create a password entry.

RW is correct, if what is sent to you does not look like "$1$blah$moreblah"
then you don't have a hash, but a digest. You cannot turn a digest into a
hash because that would require getting at the data that was digested.

The ``echo ... | pw ...'' command I gave is only going to work if you have a
hash (looks like "$1$blah$moreblah") and not a digest (looks like "blah").
--=20
Devin

_____________
The information contained in this message is proprietary and/or confidentia=
l. If you are not the intended recipient, please: (i) delete the message an=
d all copies; (ii) do not disclose, distribute or use the message in any ma=
nner; and (iii) notify the sender immediately. In addition, please be aware=
 that any message addressed to our domain is subject to archiving and revie=
w by persons other than the intended recipient. Thank you.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1FCEF95A-F37A-4A57-B3A8-AE67776749BE>