[Israel.pm] /etc/shadow

Yuval Yaari yuval at windax.com
Sun Jun 27 05:24:17 PDT 2004

This IS MD5 - which is a better choice anyway :)


On Sun, 2004-06-27 at 14:43, Gaal Yahas wrote:
> On Sun, Jun 27, 2004 at 01:30:34PM +0300, Georges EL OJAIMI wrote:
> > Is there any way to encrypt a user input and validate it toward the /etc/shadow of Red Hat Linux 9.
> > I am not sure how to get the salt of the DES encryption.
> > Here is a sample line for user 'georges' and password 'password'
> > 
> > georges:$1$W9sPfBqe$rS0jkCnkkj.uLc9dQYUF61:12595:0:99999:7:::
> 1. Whether the password resides in /etc/passwd or /etc/shadow makes no
>    difference in terms of validation. /etc/shadow is merely an extra
>    precaution against people having access to crypted passwords.
> 2. The encrypted password you quote above does not look like the output
>    of crypt (the traditional unix DES-based one-way funciton intended
>    for passwords). Could it be that your system is configured to use a
>    different, possibly stronger crypting function?
>    Try looking in /etc/pam.d -- apparently you're using md5 encryption
>    and not the traditional crypt.

More information about the Perl mailing list