03-23-2009
In general, salt is random data used in encryption. In the case of the traditional unix scheme the salt is 2 characters selected from the set: "./0-9a-zA-Z" In this case, the salt means that each password has 4096 different representations. This makes it harder to build a list of all possible encrypted passwords. It also means that you can't as easily tell if two accounts have the same password.
No one has ever found a way to to decode the encrypted password when the standard unix algorithm is used. And some very smart people have been trying for decades. The only way is to try all possible passwords until you find one that encrypts to same value in the encrypted field. The weakness of the standard scheme is that it is limited to passwords of 8 characters or less. That's not enough, we need longer passwords. So new scheme are being used that provide long passwords. That's what you must see in your root account.
It is not strictly correct to call the passwords "encrypted" since no decryption algorithm exists. But people commonly do anyway.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi Friends,
Can any of you explain me about the below line of code?
mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'`
Im not able to understand, what exactly it is doing :confused:
Any help would be useful for me.
Lokesha (4 Replies)
Discussion started by: Lokesha
4 Replies
2. Shell Programming and Scripting
Hi All,
I'm trying to write a ksh script to parse a file. When the "\" character is encountered, it should be removed and the next line should be concatenated with the current line. For example...
this is a test
line #1\
should be concatenated with line #2\
and line number 3
when this... (3 Replies)
Discussion started by: newbie_coder
3 Replies
3. UNIX for Dummies Questions & Answers
Hi!!..
I would like to know what is maximum character size for a command in the "sh" or "bourne" shell?
Thanks in advance..
Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies
4. UNIX for Advanced & Expert Users
Hi!!..
I would like to know what is maximum character size for a command in the "sh" or "bourne" shell?
Thanks in advance..
Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies
5. Shell Programming and Scripting
Hi!!..
I would like to know what is maximum character size for a command in the "sh" or "bourne" shell?
Thanks in advance..
Roshan. (1 Reply)
Discussion started by: Roshan1286
1 Replies
6. Shell Programming and Scripting
Hi,
I have line in input file as below:
3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL
My expected output for line in the file must be :
"1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL"
Can someone... (7 Replies)
Discussion started by: shis100
7 Replies
7. Shell Programming and Scripting
Hello everyone
Sorry I have to add another sed question. I am searching a log file and need only the first 2 occurances of text which comes after (note the space) "string " and before a ",". I have tried
sed -n 's/.*string \(*\),.*/\1/p' filewith some, but limited success. This gives out all... (10 Replies)
Discussion started by: haggismn
10 Replies
8. UNIX for Dummies Questions & Answers
How to use "mailx" command to do e-mail reading the input file containing email address, where column 1 has name and column 2 containing “To” e-mail address
and column 3 contains “cc” e-mail address to include with same email.
Sample input file, email.txt
Below is an sample code where... (2 Replies)
Discussion started by: asjaiswal
2 Replies
9. Shell Programming and Scripting
Hello.
System : opensuse leap 42.3
I have a bash script that build a text file.
I would like the last command doing :
print_cmd -o page-left=43 -o page-right=22 -o page-top=28 -o page-bottom=43 -o font=LatinModernMono12:regular:9 some_file.txt
where :
print_cmd ::= some printing... (1 Reply)
Discussion started by: jcdole
1 Replies
LEARN ABOUT ULTRIX
setkey
crypt(3) Library Functions Manual crypt(3)
Name
crypt, crypt16, setkey, encrypt - DES encryption
Syntax
char *crypt(key, salt)
char *key, *salt;
char *crypt16(key, salt)
char *key, *salt;
void setkey(key)
char *key;
Description
The subroutine is the password encryption routine. It is based on the NBS Data Encryption Standard, with variations intended to frustrate
use of hardware implementations of the DES for key search.
The first argument to is normally a user's typed password. The second is a 2-character string chosen from the set [a-zA-Z0-9./]. The salt
string is used to perturb the DES algorithm in one of 4096 different ways, after which the password is used as the key to encrypt repeat-
edly a constant string. The returned value points to the encrypted password, in the same alphabet as the salt. The first two characters
are the salt itself.
The subroutine is identical to the function except that it will accept a password up to sixteen characters in length. It generates a longer
encrypted password for use with enhanced security features.
The other entries provide primitive access to the actual DES algorithm. The argument of is a character array of length 64 containing only
the characters with numerical value 0 and 1. If this string is divided into groups of 8, the low-order bit in each group is ignored, lead-
ing to a 56-bit key which is set into the machine.
The argument to the entry is likewise a character array of length 64 containing 0s and 1s. The argument array is modified in place to a
similar array representing the bits of the argument after having been subjected to the DES algorithm using the key set by If edflag is 0,
the argument is encrypted; if non-zero, it is decrypted.
Restrictions
The return values from and point to static data areas whose content is overwritten by each call.
Environment
Default Environment
In the default environment on systems that do not have the optional encryption software installed the function expects exactly one argu-
ment, the data to be encrypted. The edflag argument is not supplied and there is no way to decrypt data. If the optional encryption soft-
ware is installed the function behaves as it does in the POSIX environment. The syntax for the default environment follows:
void encrypt(block)
char *block;
POSIX Environment
In the POSIX environment the encrypt function always expects two arguments. The function will set errno to ENOSYS and return if edflag is
non-zero and the optional encryption software is not present. The syntax for the POSIX environment follows:
void encrypt(block, edflag)
char *block;
int edflag;
In all cases the function will set errno to ENOSYS and return if the optional encryption software is not present.
See Also
login(1), passwd(1), yppasswd(1yp), getpass(3), auth(5), passwd(5), passwd(5yp)
ULTRIX Security Guide for Users and Programmers
crypt(3)