Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: which encryption method?
Top Forums Shell Programming and Scripting which encryption method? Post 25561 by kjd on Wednesday 31st of July 2002 09:07:36 PM
Old 07-31-2002
Comparison or storage for later use?
If you're storing for comparison (authentication) purposes (e.g. user enters a password, you save it, then later ask for the password again for verification), then you can store an MD5 hash of the password rather than encrypting and storing the password itself. See Digest::MD5 or Digest::Perl::MD5. Use the second if you are unable to compile C code; it is slower, but should not be noticably slow for something small like passwords.

Using this method, you would take input from the user, and hash it with MD5. The output is a unique string that cannot be reversed to re-obtain the original data. This is useful for password comparison because you can hash the input from the user, then compare the stored value and new value to assure they are the same. The password never has to be stored.

If you're storing for later retrieval and usage then you need a form of encryption that you can reverse with a key. You would use this for encrypting files/data, such as a list of passwords that you want to store for use later. Try Rijndael, Blowfish, Twofish. Of course you need to obtain the key somehow, probably by prompting the user at run-time.
Last edited by kjd; 07-31-2002 at 10:33 PM..
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Backup method

Hi I'm trying to work out the best method for creating a backup under SCO OpenServer. I would like to perform unattended backups to tape of various file systems, possibly using a script etc. So far I've looked at the Backup Manager that comes with SCO and that cannot perform unattended... (2 Replies)
Discussion started by: synamics
2 Replies

2. UNIX for Dummies Questions & Answers

File encryption/Key encryption ????

My dilemma, I need to send, deemed confidential, information via e-mail (SMTP). This information is sitting as a file on AIX. Typically I can send this data as a e-mail attachment via what we term a "mail filter" using telnet. I now would like to somehow encrypt the data and send it to a e-mail... (1 Reply)
Discussion started by: hugow
1 Replies

3. UNIX for Dummies Questions & Answers

Optimized Method

Hi All, I have got two files. File A with 50000 records and File B with some 500 million records. I need to extract the mapping data (common data) from both the files. There should be definitely many ways :) though I have a way which is definitely not optimzed and takes a longer time... (2 Replies)
Discussion started by: matrixmadhan
2 Replies

4. Programming

Regarding Native method

Hi, I am working with solaris 9 and I am using jre1.6. In my application,I am using java and C++ in my application.Basically we are using the java for front end and C/C++ for back hand.So I have to call the C/C++ source code form java code.we are using native methods for it.. So application... (1 Reply)
Discussion started by: smartgupta
1 Replies

5. UNIX for Dummies Questions & Answers

Shadow file encryption method

Hi all, I'd like to use the encryption method used to generate the /etc/shadow passwords. The goal is to write a script that get a plain-text password as argument and returns an encrycped one. Can you help me, please? (10 Replies)
Discussion started by: nisant
10 Replies

6. Shell Programming and Scripting

Help in replace method

Hi Gurus, VARIABLE=john_*_has_*_s i want to replace the * with digits 09100 and 0010101 to print the john_09100_has_0010101_s Thanks (3 Replies)
Discussion started by: SeenuGuddu
3 Replies

7. Solaris

svc:/network/physical:default: Method "/lib/svc/method/net-physical" failed with exit status 96. [ n

After a memory upgrade all network interfaces are misconfigued. How do i resolve this issue. Below are some out puts.thanks. ifconfig: plumb: SIOCLIFADDIF: eg000g0:2: no such interface # ifconfig eg1000g0:2 plumb ifconfig: plumb: SIOCLIFADDIF: eg1000g0:2: no such interface # ifconfig... (2 Replies)
Discussion started by: andersonedouard
2 Replies

8. Shell Programming and Scripting

Another method for this snippet

Hi All, i believe this is not very efficient. another method would be appreciated for these. basically i read a file with tab delimited column and pass the column to another perl script. while read line do timestamp=`echo "$line"|awk -F"\t" '{print $1}'` severity=`echo... (15 Replies)
Discussion started by: ryandegreat25
15 Replies

9. Cybersecurity

File encryption tools with MAC address as an encryption key

Hi all, I'm looking for secure file encryption tools that use MAC address as encryption key. FYI, I'm using Red Hat Enterprise Linux OS. For example: when A wants to send file to B A will encrypt the file with B's computer MAC/IP address as an encryption key This file can only be decrypted... (2 Replies)
Discussion started by: sergionicosta
2 Replies

LEARN ABOUT DEBIAN

doveadm-pw

DOVEADM-PW(1)							      Dovecot							     DOVEADM-PW(1)

NAME

       doveadm-pw - Dovecot's password hash generator

SYNOPSIS

       doveadm [-Dv] pw -l
       doveadm [-Dv] pw [-p password] [-r rounds] [-s scheme] [-u user] [-V]
       doveadm [-Dv] pw -t hash [-u user]

DESCRIPTION

       doveadm pw is used to generate password hashes for different password schemes and optionally verify the generated hash.

       All  generated  password  hashes  have  a {scheme} prefix, for example {SHA512-CRYPT.HEX}.  All passdbs have a default scheme for passwords
       stored without the {scheme} prefix.  The default scheme can be overridden by storing the password with the scheme prefix.

OPTIONS

       Global doveadm(1) options:

       -D     Enables verbosity and debug messages.

       -v     Enables verbosity, including progress counter.

       Command specific options:

       -l     List all supported password schemes and exit successfully.
	      There are up to three optional password schemes: BLF-CRYPT (Blowfish  crypt),  SHA256-CRYPT and  SHA512-CRYPT.   Their  availability
	      depends on the system's currently used libc.

       -p password
	      The  plain  text password for which the hash should be generated.  If no password was given doveadm(1) will prompt interactively for
	      one.

       -r rounds
	      The password schemes BLF-CRYPT, SHA256-CRYPT and SHA512-CRYPT supports a variable number of encryption rounds.  The following  table
	      shows  the  minimum/maximum number of encryption rounds per scheme.  When the -r option was omitted the default number of encryption
	      rounds will be applied.

	       Scheme	    | Minimum | Maximum   | Default
	      ----------------------------------------------
	       BLF-CRYPT    |	    4 |        31 |	  5
	       SHA256-CRYPT |	 1000 | 999999999 |    5000
	       SHA512-CRYPT |	 1000 | 999999999 |    5000

       -s scheme
	      The password scheme which should be used to generate the hashed password.  By default the CRAM-MD5 scheme will be used.  It is  also
	      possible to append an encoding suffix to the scheme.  Supported encoding suffixes are: .b64, .base64 and .hex.
	      See also http://wiki2.dovecot.org/Authentication/PasswordSchemes for more details about password schemes.

       -t hash
	      Test if the given password hash matches a given plain text password.

       -u user
	      When  the  DIGEST-MD5 scheme  is used, also the user name must be given, because the user name is a part of the generated hash.  For
	      more information about Digest-MD5 please read also: http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5

       -V     When this option is given, the hashed password will be internally verified.  The result of the verification will be shown after  the
	      hashed password, enclosed in parenthesis.

EXAMPLE

       The  first  password  hash  is  a DIGEST-MD5 hash for jane.roe@example.com.  The second password hash is a CRAM-MD5 hash for john.doe@exam-
       ple.com.

       doveadm pw -s digest-md5 -u jane.roe@example.com
       Enter new password:
       Retype new password:
       {DIGEST-MD5}9b9dcb4466233a9307bbc33708dffda0
       doveadm pw
       Enter new password:
       Retype new password:
       {CRAM-MD5}913331d8782236a8ecba7764a63aa27b26437fd40ca878d887f11d81245c2c6b

REPORTING BUGS

       Report bugs, including doveconf -n output, to the Dovecot Mailing List <dovecot@dovecot.org>.  Information about reporting bugs	is  avail-
       able at: http://dovecot.org/bugreport.html

SEE ALSO

       doveadm(1)

Dovecot v2.1							    2012-02-13							     DOVEADM-PW(1)
All times are GMT -4. The time now is 04:01 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy