Re: Linux and Security

To: "Kyle Amon" <amonk@gnutec.com>, "Debian User List" <debian-user@lists.debian.org>
Cc: <grep@oriole.sbay.org>, "Michael Beattie" <mickyb@es.co.nz>, "Joey Hess" <joey@kitenet.net>
Subject: Re: Linux and Security
From: "Lane" <lpierce@gte.net>
Date: Thu, 20 Aug 1998 07:42:09 -0500
Message-id: <[🔎] 00e001bdcc39$25da2f20$0200a8c0@family>
Reply-to: "Lane" <lanepierce@americamail.com>

Who was it that said, "if you turn the sausage grinder backwards - you dont
get a pig out."?  I always thought this was a very descriptive way to
explain the unix encryption routine.


-----Original Message-----
From: Kyle Amon <amonk@gnutec.com>
To: Debian User List <debian-user@lists.debian.org>
Cc: grep@oriole.sbay.org <grep@oriole.sbay.org>; Michael Beattie
<mickyb@es.co.nz>; Joey Hess <joey@kitenet.net>
Date: Wednesday, August 19, 1998 9:47 PM
Subject: Re: Linux and Security


>-----BEGIN PGP SIGNED MESSAGE-----
>
>On Wed, 19 Aug 1998, Joey Hess wrote:
>
>> George Bonser wrote:
>> > On Wed, 19 Aug 1998, Michael Beattie wrote:
>> >
>> > > Okay, true, but it was more of a feasability question, "if you can
get the
>> > > string, is it possible to use the following method to decrypt it??"
>> >
>> > Sure ... the login program has to decrypt it, doesn't it? You can
>> > cut/paste passwd entries between linux systems ... the encrypted
password
>> > is not system-specific.
>>
>> No, it's not reversable. There is no way to get the original password
from
>> the data in the shadow password file.
>>
>> Login simply takes the password the user enters, encrypts it using
crypt(),
>> and compares it with that's in the password file. No decryption is done.
>
>Actually a one way hash is used, not encryption.  This is why it is not
>possible to decrypt it -- it quite simply is not encrypted in the first
>place.
>
>- - Kyle
>
>Kyle Amon                     email: amonk@raleigh.ibm.com
>Unix Systems Administrator    phone: (203) 486-3290
>Security Specialist           pager: 1-800-759-8888 PIN 1616512
>IBM Global Services                  or 1616512@skytel.com
>                              email: amonk@gnutec.com
>                              url:   http://www.gnutec.com/kyle
>KeyID 1024/26DD13D9
>Fingerprint = 7D 86 D1 AE 4B E9 91 6A  4B BC B5 B4 12 F0 D3 1A
>
>"GNU does not eliminate all the world's problems, only some of them."
>
>                                - Richard Stallman
>                                  The GNU Manifesto, 1985
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.3ia
>Charset: noconv
>
>iQCVAgUBNdrVzMTIuZsm3RPZAQE0agQAuAbthdwpDnUPMxrS1ioBWy1W78sXcaL0
>Due3wZsa0Z6n/NuutSIf8QAFGxN2RLm1xhd1tLg0W4w/2XgTnkInyNB+eU4M7mGz
>3czIfxjcSKm+YGBwzinOtlnm5vCWapqNKTfd4KM9tl3tSN85sPeKdGp0/ntMMrlu
>Sq3wUr4hcU0=
>=sa00
>-----END PGP SIGNATURE-----
>
>
>--
>Unsubscribe?  mail -s unsubscribe debian-user-request@lists.debian.org <
/dev/null
>

Reply to:

Prev by Date: Keyboard dies when using xdm
Next by Date: Re: some email won't go...
Previous by thread: Re: Linux and Security
Next by thread: Samba and win98
Index(es):
- Date
- Thread