01-25-2007
Hashing or MD5
Hi,
how can one find that which encryption algorithm the system is using for keeping the user password in the /etc/passwd or /etc/shadow file.
Is it
1: Hashing ( which considers only first 5 letters of password)
2: MD5 (Which allows arbitry length passwords)
Thanks,
~amit
10 More Discussions You Might Find Interesting
1. AIX
hello Friends ,
How can i identify the hashing algo used by shadow file in aix box >???
Thanks
AVKlinux (1 Reply)
Discussion started by: avklinux
1 Replies
2. UNIX for Dummies Questions & Answers
What command should I use to analyze file hashing of fixed flat files.
How much work does it take for multiple flat files. (3 Replies)
Discussion started by: jbjoat
3 Replies
3. UNIX for Dummies Questions & Answers
I am looking for a utility that does file hashing in unix. ...Please let me know of any good easy to use utility (3 Replies)
Discussion started by: jbjoat
3 Replies
4. Programming
Hi,
I'm looking for linear hashing implementation in C language. Please help.
PS: I have implement this on Ubuntu 10.04 Linux on 64 bit machine. (1 Reply)
Discussion started by: sajjar
1 Replies
5. UNIX for Advanced & Expert Users
I'm collecting some info on the password hashing algorithms in use on various Unix systems. So far I have:
no $ legacy unix crypt
$1$ MD5
$2$ Blowfish on BSD
$2a$ alternate Blowfish on BSD
$md5$ Sun's alternate MD5
$3$ a Microsoft hash
$4$ not used?
$5$ RedHat proposed Sha-256... (2 Replies)
Discussion started by: Perderabo
2 Replies
6. Shell Programming and Scripting
Hello everyone,
I am looking to basically creating md5sum files for all iso files in a directory and archive the resulting md5 files into a single archive in that very same directory.
I worked out a clumsy solution such as:
#find files for which md5sum are to be created and store the... (1 Reply)
Discussion started by: SurfTranquille
1 Replies
7. Solaris
Hello,
I'm having an issue with my password hashing. In /etc/shadow all the passwords hashes start with $1$. The security people want me to change it so the password hash starts with $5$ or $6$. So this is what I did to fix this.
I changed CRYPT_DEFAULT for 1 to 6
CRYPT_DEFAULT=6When I create a... (0 Replies)
Discussion started by: bitlord
0 Replies
8. Shell Programming and Scripting
So, I am writing a script that will read output from Bulk Extractor (which gathers data based on regular expressions). My script then reads the column that has the URL found, hashes it with MD5, then outputs the URL and hash to a file.
Where I am stuck on is that I want to read the bulk... (7 Replies)
Discussion started by: twjolson
7 Replies
9. Shell Programming and Scripting
I have about 1500 rows (encoded b64(b64(md5($pass))) algorythm) in a file.
I would like reverse the b64 into md5 hash format.
How could I do that from command line? So I need only the correct md5 hash formats.
These row format:
4G5qc2WQzGES6QkWAUgl5w
P9tKxonBOg3ymr8vOBLnDA... (1 Reply)
Discussion started by: freeroute
1 Replies
10. Solaris
Hi,
Our security audit person generated a report for Solaris-10 servers and mentioned this suggestion - "All passwords should be hashed using bcrypt. Solaris 10 supports this blowfish-based hash algorithm with the identifier 2a. To verify this, ensure the password hashes start with $2a$.... (2 Replies)
Discussion started by: solaris_1977
2 Replies
SHADOW(5) File Formats Manual SHADOW(5)
NAME
shadow - encrypted password file
DESCRIPTION
shadow contains the encrypted password information for user's accounts and optional the password aging information. Included is
Login name
Encrypted password
Days since Jan 1, 1970 that password was last changed
Days before password may be changed
Days after which password must be changed
Days before password is to expire that user is warned
Days after password expires that account is disabled
Days since Jan 1, 1970 that account is disabled
A reserved field
The password field must be filled. The encryped password consists of 13 to 24 characters from the 64 characters alphabet a thru z, A thru
Z, 0 thru 9, . and /. Optionally it can start with a "$" character. This means the encrypted password was generated using another (not DES)
algorithm. For example if it starts with "$1$" it means the MD5-based algorithm was used.
Refer to crypt(3) for details on how this string is interpreted.
The date of the last password change is given as the number of days since Jan 1, 1970. The password may not be changed again until the
proper number of days have passed, and must be changed after the maximum number of days. If the minimum number of days required is greater
than the maximum number of day allowed, this password may not be changed by the user.
An account is considered to be inactive and is disabled if the password is not changed within the specified number of days after the pass-
word expires. An account will also be disabled on the specified day regardless of other password expiration information.
This information supercedes any password or password age information present in /etc/passwd.
This file must not be readable by regular users if password security is to be maintained.
FILES
/etc/passwd - user account information
/etc/shadow - encrypted user passwords
SEE ALSO
chage(1), login(1), passwd(1), su(1), passwd(5), pwconv(8), pwunconv(8), sulogin(8)
AUTHOR
Julianne Frances Haugh (jockgrrl@ix.netcom.com)
SHADOW(5)