Date:      Wed, 2 Aug 2000 23:27:07 -0700 (PDT)
From:      Mike Hoskins <mike@adept.org>
To:        "Jason C. Wells" <jcwells@nwlink.com>
Cc:        Gill <jamgill@UU.NET>, freebsd-stable@FreeBSD.ORG
Subject:   Re: closet homoeroticism in -STABLE?!?
Message-ID:  <Pine.BSF.4.21.0008022318120.16790-100000@snafu.adept.org>
In-Reply-To: <Pine.SOL.3.96.1000802223043.12470C-100000@utah>

On Wed, 2 Aug 2000, Jason C. Wells wrote:

> Add three users all with the same password. You will see that the shadow
> password is different for all three. (If memory serves) There is something
> in that whole crypto deal called salt. (If memory serves) The details are
> up to you.

I didn't read his initial post, and if I had...  I likely wouldn't waste
the time that's going into this message on him, but...

"The algorithm that crypt() uses is based on the Data Encryption Standard
(DES)...

The UNIX crypt() function takes the user's password as the encryption key
and uses it to encrypt a 64-bit block of zeros.  The resulting 64-bit
block of cipher text is then encrypted again with the user's password; the
process is repeated a total of 25 times.  The final 64 bits are unpacked
into a string of 11 printable characters that are stored in the
/etc/passwd file.

...The DES salt is a 12-bit number, between 0 and 4095, which slightly
changes the result of the DES function.  Each of the 4096 different salts
makes a password encrypt a different way.

When you change your password, the /bin/passwd program selects a salt
based on the time of day.  The salt is converted into a two-character
string and is stored in the /etc/passwd file along with the encrypted
'password'.  In this manner, when you type your password at login time,
the same salt is used again.  UNIX stores the salt as the first two
characters of the encrypted password."

			--"Practical UNIX & Internet Security"
			  Simson Garfinkel and Gene Spafford
			  O'Reilly & Associates, Inc.
			  http://www.ora.com

-mrh
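
An added example, not part of the original message or the quoted book: it shows how the 12-bit salt and the 64-bit result described above fit into a 13-character field, and uses that layout to list accounts still stored in the traditional format. The bit order (low six bits of the salt in the first character, result read most significant bit first with two zero pad bits) is assumed from the traditional crypt() encoding; all function names are hypothetical, and the sample lines are constructed with arbitrary 64-bit values, not real crypt() output.

```python
import string

# crypt(3) alphabet: value 0..63 maps to "./", digits, upper case, lower case.
ALPHABET = "./" + string.digits + string.ascii_uppercase + string.ascii_lowercase

def encode_salt(salt):
    """12-bit salt (0..4095) -> two characters, low six bits first (assumed order)."""
    return ALPHABET[salt & 0x3F] + ALPHABET[salt >> 6]

def decode_salt(chars):
    """Two salt characters -> the 12-bit number they encode."""
    return ALPHABET.index(chars[0]) | (ALPHABET.index(chars[1]) << 6)

def pack_block(block):
    """64-bit result -> 11 characters: 64 bits plus two zero pad bits = 11 * 6."""
    bits = block << 2
    return "".join(ALPHABET[(bits >> shift) & 0x3F] for shift in range(60, -1, -6))

def parse_field(field):
    """Return (salt, 64-bit block) for a traditional 13-character field, else None."""
    if len(field) != 13 or any(c not in ALPHABET for c in field):
        return None
    bits = 0
    for c in field[2:]:
        bits = (bits << 6) | ALPHABET.index(c)
    if bits & 0x3:  # the two pad bits must be zero in a well-formed field
        return None
    return decode_salt(field[:2]), bits >> 2

def legacy_entries(passwd_text):
    """Map user -> salt for every entry still stored in the traditional format."""
    found = {}
    for line in passwd_text.splitlines():
        user, field = line.split(":")[:2]
        parsed = parse_field(field)
        if parsed is not None:
            found[user] = parsed[0]
    return found

# Constructed sample: the 64-bit values are arbitrary, not real crypt() output.
SAMPLE = "\n".join([
    "alice:" + encode_salt(0) + pack_block(0x0123456789ABCDEF) + ":1001:1001::/home/alice:/bin/sh",
    "bob:" + encode_salt(1234) + pack_block(0xFEDCBA9876543210) + ":1002:1002::/home/bob:/bin/sh",
    "carol:" + encode_salt(4095) + pack_block(0x0F0F0F0F0F0F0F0F) + ":1003:1003::/home/carol:/bin/sh",
    "daemon:*:1:1::/root:/usr/sbin/nologin",
])

if __name__ == "__main__":
    for user, salt in legacy_entries(SAMPLE).items():
        print(f"{user}: traditional DES crypt entry, salt {salt} ({encode_salt(salt)})")
```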


