Date: Mon, 11 Feb 2002 17:56:01 +0200 From: Peter Pentchev <roam@ringlet.net> To: Varshavchick Alexander <alex@metrocom.ru> Cc: questions@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: crypt function Message-ID: <20020211175601.B30217@straylight.oblivion.bg> In-Reply-To: <Pine.GSO.4.21.0202111849080.5924-100000@apache.metrocom.ru>; from alex@metrocom.ru on Mon, Feb 11, 2002 at 06:50:10PM %2B0300 References: <20020211174815.A30217@straylight.oblivion.bg> <Pine.GSO.4.21.0202111849080.5924-100000@apache.metrocom.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--ZfOjI3PrQbgiZnxM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Feb 11, 2002 at 06:50:10PM +0300, Varshavchick Alexander wrote: > On Mon, 11 Feb 2002, Peter Pentchev wrote: >=20 > > Date: Mon, 11 Feb 2002 17:48:15 +0200 > > From: Peter Pentchev <roam@ringlet.net> > > To: Varshavchick Alexander <alex@metrocom.ru> > > Cc: questions@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG > > Subject: Re: crypt function > >=20 > > On Mon, Feb 11, 2002 at 06:40:52PM +0300, Varshavchick Alexander wrote: > > > Hi, > > >=20 > > > Here is one more problem: after installing the new 4.5 libraries, > > > crypt() started encrypting not the way it was doing so before the upg= rade, > > > for example: > > >=20 > > > The correct value for encrypted password: 5jbleTVRurM2Y > > > The value for this password after the upgrade: $1$5jbleTVR$TqxKtkw51= R3tPSGDexK.a1 > > >=20 > > > So it evidently uses some other mechanism now, how can it be solved? > >=20 > > It uses MD5 encryption by default. Is this a problem for any > > of the installed programs? They should generally "just work". > >=20 > > If you are indeed having trouble, edit /etc/auth.conf and change > > the crypt_default to 'des'. >=20 > So can you say by first glance, is it true that the short form > (5jbleTVRurM2Y) used md5, and the current form > ($1$5jbleTVR$TqxKtkw51R3tPSGDexK.a1) is using des? No, the other way 'round. The DES password encryption generates 13-charact= er passwords, with the salt in the first two characters. MD5-encrypted passwords are generally much longer, starting with $1 (encryption method 1), continuing with $salt$ and then the encrypted password. What I am saying is, you may set crypt_default =3D des and let crypt(3) generate DES-encrypted passwords, if this is what your programs expect. login(1), PAM and the rest of the base system utilities should have no trouble dealing with the new format of passwords in /etc/master.password, so setting crypt_default is generally not needed, unless you are really having problems with programs generating DES passwords and comparing them against MD5-encoded ones. G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If there were no counterfactuals, this sentence would not have been paradox= ical. --ZfOjI3PrQbgiZnxM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjxn6ZEACgkQ7Ri2jRYZRVPZwQCeKBHo2FTYeewreeXzMm5DSOd3 z6IAnAvdRipfaDGkegd86n8oej5c/M1k =7Ctz -----END PGP SIGNATURE----- --ZfOjI3PrQbgiZnxM-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020211175601.B30217>