Mac OS X Password

Tags

beginners, encryption, mac, passwords, python, sha1

Top Forums UNIX for Dummies Questions & Answers Mac OS X Password

10-22-2010

Registered User

17, 0

Join Date: Oct 2010

Last Activity: 8 February 2011, 5:49 PM EST

Posts: 17

Thanks Given: 4

Thanked 0 Times in 0 Posts

Mac OS X Password

I want to know the exact process of how Mac OS X takes a string(password) and encrypts it. I know the encrypted file is stored in /var/db/shadow/hash/<GUID>

But..
1) How does the string get to that point?
2) How can I write a script [in python] that can do this so i can encrypt my password, compare it and get a match to the one the system stores.

Any help is greatly appreciated.

cbreiny

View Public Profile for cbreiny

Find all posts by cbreiny

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. OS X (Apple)

Mac OS X Tiger Password Storage

Are Mac OS X 10.4.11 Tiger passwords only stored in /var/db/shadow/hash? Or is it also used in NetInfo? The reason I am asking is because I wonder if I edit the file in /var/db/shadow/hash and replace the hash inside with my own, will it change the password? Thanks.

2. UNIX for Dummies Questions & Answers

not taking password for su on mac os x

Hello, I can't install matlab on my new mac os X because I am not logged in as a superuser. I type su root and it doesn't take my password. It just says sorry. Is there a way to just reset it? Thanks, Z

LEARN ABOUT MINIX

pwdauth

PWDAUTH()																 PWDAUTH()

NAME

       pwdauth - password authentication program

SYNOPSIS

       /usr/lib/pwdauth

DESCRIPTION

       Pwdauth is a program that is used by the crypt(3) function to do the hard work.	It is a setuid root utility so that it is able to read the
       shadow password file.

       Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt.  That is, the two arguments of
       the  crypt  function.   The input read in a single read call must be 1024 characters or less including the nulls.  Pwdauth takes one of two
       actions depending on the salt.

       If the salt has the form "##user" then the user is used to index the shadow password file to obtain  the  encrypted  password.	The  input
       password  is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow
       password file.  If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal  failure.   The  string
       "##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login.

       If  the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned.  If salt and password
       are null strings then a null string is returned.

       The return value is written to standard output as a null terminated string of 1024 characters or less including the null.

       The exit code is 1 on any error.

SEE ALSO

       crypt(3), passwd(5).

NOTES

       A password must be checked like in this example:

	      pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);

       The second argument of crypt must be the entire encrypted password and not just the two character salt.

AUTHOR

       Kees J. Bot (kjb@cs.vu.nl)

																	 PWDAUTH()

UNIX for Dummies Questions & Answers