[H-GEN] I can't login - HELP!

Martin Pool martinp at mincom.com
Wed Dec 15 02:30:22 EST 1999


[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics.  Please observe the list's charter.          ]

Ben Carlyle wrote:

> The basic run-down on shadowed passwords is this:
> 
> /etc/passwd contains the following fields:
> username:something:uid:gid:long name:home:shell
> 
> Traditionally that something was the standard UNIX password
> encryption.  The last two characters are the seed, 

No, the *first* two characters are the *salt*.  For example,
 
  perl -e "print crypt 'sixtynine', '69'"
  69svejaeR8Fzg
  ^^ look here

> But to summarise... shadowed password files are non-readable
> except by root, and contain the "real" passwords.  

Furthermore, shadowed passwords can use a secure hash of the password
and a much longer salt, rather than a DES hash of the password and a
12-bit salt.  Dictionary attacks are still possible, but it is not
feasible to precompute them.

-- 
 /\\\  Mincom | Martin Pool          | martinp at mincom.com
// \\\        | Software Engineer    | Phone: +61 7 3303-3333
\\ ///        | Mincom Limited       | Teneriffe, Brisbane
 \///         | And now a word from our sponsor...
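
Added example (not part of the original post): a small audit that reads passwd-format lines, reports any hash still stored in the world-readable file, and shows where the salt sits and how many bits it carries. The sample file, the user names and the md5-crypt hash are constructed for illustration; only the DES value is the one shown above. It assumes the modular "$id$salt$hash" layout for the longer-salt schemes.

```python
import re

# crypt(3) salt/hash alphabet: 64 symbols, so each salt character carries 6 bits.
B64 = r"[./0-9A-Za-z]"
DES_RE = re.compile(rf"^({B64}{{2}})({B64}{{11}})$")  # salt = FIRST two chars
MCF_RE = re.compile(rf"^\$(1|5|6)\$(?:rounds=\d+\$)?({B64}{{1,16}})\$({B64}+)$")
MCF_NAMES = {"1": "md5-crypt", "5": "sha256-crypt", "6": "sha512-crypt"}

def classify(field):
    """Return (scheme, salt, salt_bits) for one passwd/shadow password field."""
    if field == "x":
        return ("shadowed", None, 0)   # real hash lives in the root-only file
    if field == "":
        return ("empty", None, 0)
    if field[0] in "*!":
        return ("locked", None, 0)
    m = DES_RE.match(field)
    if m:
        return ("des-crypt", m.group(1), 12)
    m = MCF_RE.match(field)
    if m:
        return (MCF_NAMES[m.group(1)], m.group(2), 6 * len(m.group(2)))
    return ("unknown", None, 0)

def audit_passwd(text):
    """List (user, scheme, salt, salt_bits) for hashes left in the readable file."""
    findings = []
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) != 7:            # username:something:uid:gid:name:home:shell
            continue
        scheme, salt, bits = classify(parts[1])
        if salt is not None:           # a salted hash is exposed to every local user
            findings.append((parts[0], scheme, salt, bits))
    return findings

# Constructed sample; the md5-crypt value is a made-up string, not a real hash.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
alice:69svejaeR8Fzg:1001:100:Alice:/home/alice:/bin/sh
bob:$1$Qk3vT9aL$abcdefghijklmnopqrstuv:1002:100:Bob:/home/bob:/bin/sh
daemon:*:1:1:daemon:/:/bin/false
"""

if __name__ == "__main__":
    for row in audit_passwd(SAMPLE_PASSWD):
        print(row)
```
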
