For those interested here is perl program to generate Crypt-PW's with a
propper salt.
#!/usr/bin/perl
$salt=salt();
print "password encryptee, [CTRL]-D quits.\n";
while (<STDIN>) {
chop;
$text=crypt($_,$salt);
print $text."\n";
}
sub salt {
local($salt);
local($i, $rand);
local(@itoa64) = ( 0 .. 9, a .. z, A .. Z ); # 0 .. 63 # to64
for ($i = 0; $i < 8; $i++) {
srand(time + $rand + $$);
$rand = rand(25*29*17 + $rand);
$salt .= $itoa64[$rand & $#itoa64];
}
return $salt;
}
Tyler Walden - [EMAIL PROTECTED]
Alternate Access http://www.aa.net
Network Operations - [EMAIL PROTECTED]
On Fri, 8 Jun 2001 [EMAIL PROTECTED] wrote:
> This is a very old problem. See
> http://www.securityfocus.com/archive/1/5494 (1996)
> http://www.securityfocus.com/archive/1/34191 (1999)
>
> NSI obviously does not care much about the security. I haven't been
> able to get PGP authentication working in months.
> --
> Elias Levy
> SecurityFocus.com
> http://www.securityfocus.com/
> Si vis pacem, para bellum
>
