Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 17 Apr 2005 15:13:36 +0100
From:      "Vince" <jhary@unsane.co.uk>
To:        <freebsd-questions@freebsd.org>
Subject:   RE: Encryption of login passwords--where and how is it done?
Message-ID:  <200504171413.j3HED4os059478@unsane.co.uk>
In-Reply-To: <20050416134035.H34987@sotec.home>
next in thread | previous in thread | raw e-mail | index | archive | help 
 > 
> > Where's the actual code that accepts the input of a password and/or 
> > encrypts it?  I looked in login.c, but that only seems to 
> call PAM or 
> > something; from that point on, I wasn't sure where to look.
> 
> Start with crypt(3).

As an aside, you can change the encryption used by login by changing the 
passwd_format option in login.conf for you login class. 
>From man login.conf

passwd_format    string    md5     The encryption format that new or
                                   changed passwords will use.  Valid
                                   values include "des", "md5" and
                                   "blf".  NIS clients using a
                                   non-FreeBSD NIS server should proba-
                                   bly use "des".


> 
> > I'm especially interested in knowing how a very long 
> password (up to 
> > the FreeBSD limit of, I think, 128 characters) is hashed and mashed 
> > into an encrypted password, but I'm also generally 
> interested in the 
> > whole process.  I'd like to think that a 128-byte password 
> consisting 
> > of random words and special characters would be just as secure as a 
> > shorter, completely random password, but that's only true 
> if FreeBSD 
> > is hashing the entire 128-byte string in some 
> cryptographically secure 
> > way in order to produce an encrypt password that is a function of 
> > every bit of the plaintext password.
> 
> Look in /usr/src/lib/libcrypt/.  The MD5 password hashing 
> scheme is found in crypt-md5.c (the whole password is being 
> used, btw).
> 
>     $.02,
>     /Mikko
> _______________________________________________
> freebsd-questions@freebsd.org mailing list 
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "freebsd-questions-unsubscribe@freebsd.org"
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504171413.j3HED4os059478>