On Wed, 19 Aug 1998, Chris wrote: : On Tue, 18 Aug 1998, Steve Lamb wrote: : : > On Tue, 18 Aug 1998 23:27:40 -0500 (CDT), Nathan E Norman wrote: : > : > >No. The first two characters of the "Encrypted password" field are the : > >"salt"; the plaintext password collected from loogin or wherever is : > >crypted using that salt, and the result compared to the entire field. : > : > Hrm, guess things have changed since the other nutshell book was printed. : > :/ : > : > : : : An extract from the crypt(3) man page: : : : crypt is the password encryption function. It is based on : the Data Encryption Standard algorithm with variations : intended (among other things) to discourage use of hard : ware implementations of a key search. : : key is a user's typed password. : : salt is a two-character string chosen from the set : [a-zA-Z0-9./]. This string is used to perturb the algo : rithm in one of 4096 different ways. : : By taking the lowest 7 bit of each character of the key, a : 56-bit key is obtained. This 56-bit key is used to : encrypt repeatedly a constant string (usually a string : consisting of all zeros). The returned value points to : the encrypted password, a series of 13 printable ASCII : characters (the first two characters represent the salt : itself). The return value points to static data whose : content is overwritten by each call.
Ah! Ok, I see what I was missing. -- Nathan Norman MidcoNet 410 South Phillips Avenue Sioux Falls, SD mailto:[EMAIL PROTECTED] http://www.midco.net finger [EMAIL PROTECTED] for PGP Key: (0xA33B86E9)
