Debian: 2150-1: request-tracker3.6: unsalted password hashing


 
Posted 01-22-2011

LinuxSecurity.com: It was discovered that Request Tracker, an issue tracking system, stored passwords in its database by using an insufficiently strong hashing method. If an attacker had access to the password database, he could decode the passwords stored in it.
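To show why unsalted storage is the weak point, here is an added example (not code from Request Tracker, Debian or the advisory): identical passwords produce identical stored values, which a simple audit can detect, and legacy rows can be moved to a salted, slow KDF at the next successful login. The SHA-256 stand-in for the legacy digest, the `pbkdf2_sha256$...` record format, the iteration count and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

ITERATIONS = 600_000  # assumed work factor; tune to your hardware


def legacy_hash(password):
    """Unsalted digest, the weak pattern (SHA-256 is an assumed stand-in)."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password, salt=None, iterations=ITERATIONS):
    """Per-user random salt plus a slow KDF; the parameters travel with the hash."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify(password, stored):
    if stored.startswith("pbkdf2_sha256$"):
        _, iterations, salt_hex, _ = stored.split("$")
        expected = salted_hash(password, bytes.fromhex(salt_hex), int(iterations))
    else:
        expected = legacy_hash(password)
    return hmac.compare_digest(expected, stored)  # constant-time comparison


def shared_digests(table):
    """Audit check: users whose stored values collide share a password."""
    groups = defaultdict(list)
    for user, stored in table.items():
        groups[stored].append(user)
    return sorted(sorted(users) for users in groups.values() if len(users) > 1)


def login_and_upgrade(table, user, password):
    """Verify, then replace a legacy record while the plaintext is in hand."""
    stored = table.get(user)
    if stored is None or not verify(password, stored):
        return False
    if not stored.startswith("pbkdf2_sha256$"):
        table[user] = salted_hash(password)
    return True


# Constructed sample rows: alice and carol picked the same password.
SAMPLE = {u: legacy_hash(p) for u, p in
          [("alice", "winter2011"), ("bob", "s3parate"), ("carol", "winter2011")]}
```

Running `shared_digests(SAMPLE)` flags alice and carol; once both have logged in through `login_and_upgrade`, their records differ and the audit returns nothing.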

crypt_bsdbf(5)          Standards, Environments, and Macros          crypt_bsdbf(5)

NAME
       crypt_bsdbf - password hashing module using Blowfish cryptographic algorithm

SYNOPSIS
       /usr/lib/security/$ISA/crypt_bsdbf.so

DESCRIPTION
       The crypt_bsdbf module is a one-way password hashing module for use with
       crypt(3C) that uses the Blowfish cryptographic algorithm. The algorithm
       identifier for crypt.conf(4) and policy.conf(4) is 2a.

       The maximum password length for crypt_bsdbf is 255 characters.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
       +-----------------------------+-----------------------------+
       |MT-Level                     |Safe                         |
       +-----------------------------+-----------------------------+

SEE ALSO
       passwd(1), crypt(3C), crypt_genhash_impl(3C), crypt_gensalt(3C),
       crypt_gensalt_impl(3C), getpassphrase(3C), crypt.conf(4), passwd(4),
       policy.conf(4), attributes(5)

SunOS 5.11                        6 Aug 2003                        crypt_bsdbf(5)