Mac OS X Password

Tags

beginners, encryption, mac, passwords, python, sha1

Top Forums UNIX for Dummies Questions & Answers Mac OS X Password

10-22-2010

Registered User

17, 0

Join Date: Oct 2010

Last Activity: 8 February 2011, 5:49 PM EST

Posts: 17

Thanks Given: 4

Thanked 0 Times in 0 Posts

Mac OS X Password

I want to know the exact process of how Mac OS X takes a string(password) and encrypts it. I know the encrypted file is stored in /var/db/shadow/hash/<GUID>

But..
1) How does the string get to that point?
2) How can I write a script [in python] that can do this so i can encrypt my password, compare it and get a match to the one the system stores.

Any help is greatly appreciated.

cbreiny

View Public Profile for cbreiny

Find all posts by cbreiny

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. OS X (Apple)

Mac OS X Tiger Password Storage

Are Mac OS X 10.4.11 Tiger passwords only stored in /var/db/shadow/hash? Or is it also used in NetInfo? The reason I am asking is because I wonder if I edit the file in /var/db/shadow/hash and replace the hash inside with my own, will it change the password? Thanks.

2. UNIX for Dummies Questions & Answers

not taking password for su on mac os x

Hello, I can't install matlab on my new mac os X because I am not logged in as a superuser. I type su root and it doesn't take my password. It just says sorry. Is there a way to just reset it? Thanks, Z

LEARN ABOUT MINIX

crypt

CRYPT(3)						     Library Functions Manual							  CRYPT(3)

NAME

       crypt - one-way password encryption function

SYNOPSIS

       #define _MINIX_SOURCE 1
       #include <unistd.h>

       char *crypt(const char *key, const char *salt)

DESCRIPTION

       The  first  use	of  crypt()  is  to encrypt a password.  Its second use is to authenticate a shadow password.  In both cases crypt() calls
       pwdauth(8) to do the real work.

       Crypt() encrypts a password if called with a user typed key, and a salt whose first two characters  are	in  the  set  [./0-9A-Za-z].   The
       result  is  a  character  string in the [./0-9A-Za-z] alphabet of which the first two characters are equal to the salt, and the rest is the
       result of encrypting the key and the salt.

       If crypt() is called with a salt that has the form ##user then the key is encrypted and compared to the encrypted password of user  in  the
       shadow  password  file.	If they are equal then crypt() returns the ##user argument, if not then some other string is returned.	This trick
       assures that the normal way to authenticate a password still works:

	      if (strcmp(pw->pw_passwd, crypt(key, pw->pw_passwd))) ...

       If key is a null string, and the shadow password is a null string or the salt is a null string then  the  result  equals  salt.	 (This	is
       because the caller can't tell if a password field is empty in the shadow password file.)

       The key and salt are limited to 1024 bytes total including the null bytes.

FILES

       /usr/lib/pwdauth 	The password authentication program

SEE ALSO

       getpass(3), getpwent(3), passwd(5), pwdauth(8).

NOTES

       The result of an encryption is returned in a static array that is overwritten by each call.  The return value should not be modified.

AUTHOR

       Kees J. Bot (kjb@cs.vu.nl)

																	  CRYPT(3)

UNIX for Dummies Questions & Answers