Re: Password encrypting

To: Robert Magier <isyn@isi.wat.waw.pl>
Cc: debian-security@lists.debian.org
Subject: Re: Password encrypting
From: Izak Burger <iburger@cs.sun.ac.za>
Date: Fri, 1 Jun 2001 11:44:51 +0200 (SAST)
Message-id: <[🔎] Pine.LNX.4.21.0106011139070.19022-100000@erwin.cs.sun.ac.za>
In-reply-to: <[🔎] Pine.LNX.4.10.10105302212030.2481-100000@dino.wcy.wat.waw.pl>

On Wed, 30 May 2001, Robert Magier wrote:

> Values of encrypted passwords are diffrent each time I use makepasswd. 
> So, how the login program check my  password?
> I tested if I can login to the system for each of this values ( I write it
> down to the /etc/shadow )  and I could.

The crypt() function takes a "salt" value:

char *crypt(const char *key, const char *salt);

The "salt" is some random value that is used in the encryption 
algorithm, two-characters chosen from the set [a-zA-Z0-9./].  These
two characters are then stored as the first two characters of the crypted
password.  That way, when you log in, the password you type along with the
first two characters of the crypted password is handed to crypt().  If the
resulting string is the same as the stored encrypted password, you are
allowed to log in.

regards,
Izak
-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Izak Burger (iburger@cs.sun.ac.za)
http://www.cs.sun.ac.za/
Tel. +27 21 808 4863
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
A big enough hammer can usually fix anything.

Reply to:

Follow-Ups:
- Re: Password encrypting
  - From: Hubert Chan <hubert@math.ualberta.ca>

References:
- Password encrypting
  - From: Robert Magier <isyn@isi.wat.waw.pl>

Prev by Date: Password encrypting
Next by Date: Re: Difrents INPUT/FORWARD -logging
Previous by thread: Password encrypting
Next by thread: Re: Password encrypting
Index(es):
- Date
- Thread