Date: Sun, 17 Apr 2005 15:13:36 +0100 From: "Vince" <jhary@unsane.co.uk> To: <freebsd-questions@freebsd.org> Subject: RE: Encryption of login passwords--where and how is it done? Message-ID: <200504171413.j3HED4os059478@unsane.co.uk> In-Reply-To: <20050416134035.H34987@sotec.home>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Where's the actual code that accepts the input of a password and/or > > encrypts it? I looked in login.c, but that only seems to > call PAM or > > something; from that point on, I wasn't sure where to look. > > Start with crypt(3). As an aside, you can change the encryption used by login by changing the passwd_format option in login.conf for you login class. >From man login.conf passwd_format string md5 The encryption format that new or changed passwords will use. Valid values include "des", "md5" and "blf". NIS clients using a non-FreeBSD NIS server should proba- bly use "des". > > > I'm especially interested in knowing how a very long > password (up to > > the FreeBSD limit of, I think, 128 characters) is hashed and mashed > > into an encrypted password, but I'm also generally > interested in the > > whole process. I'd like to think that a 128-byte password > consisting > > of random words and special characters would be just as secure as a > > shorter, completely random password, but that's only true > if FreeBSD > > is hashing the entire 128-byte string in some > cryptographically secure > > way in order to produce an encrypt password that is a function of > > every bit of the plaintext password. > > Look in /usr/src/lib/libcrypt/. The MD5 password hashing > scheme is found in crypt-md5.c (the whole password is being > used, btw). > > $.02, > /Mikko > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504171413.j3HED4os059478>