On Wed, Jan 19, 2011 at 4:05 PM, Mark <m...@edgewire.sg> wrote: > Hi Fajar, > > How did you generate that hash? md5sum of "testpass" doesn't return that > value for me. > > the MD5-password? Probably due to new line effect. I created it using php's md5 function (http://php.net/manual/en/function.md5.php)
$ echo "<?=md5('testpass');?>"|php;echo 179ad45c6ce2cb97cf1029e212046e81 $ echo -n testpass | md5sum 179ad45c6ce2cb97cf1029e212046e81 - $ echo testpass | md5sum 0ba06b1790d48b9baf71162124a04685 - mysql> select md5('testpass'); +----------------------------------+ | md5('testpass') | +----------------------------------+ | 179ad45c6ce2cb97cf1029e212046e81 | +----------------------------------+ 1 row in set (0.14 sec) See the difference between second and third example? -- Fajar > On 19-Jan-2011, at 3:07 PM, Fajar A. Nugraha wrote: > > On Wed, Jan 19, 2011 at 12:39 PM, Mark <m...@edgewire.sg> wrote: > >> Hi folks, >> >> Been trying to look for information on this but haven't been able to find >> anything, prompting me to turn to the mailing list for help. >> >> In the event of using salted md5 hashes for passwords, where exactly does >> one store the salt? > > > In the beginning of the password. > > >> There doesn't seem to be a place within the FR config to do that. Any >> advice would be much appreciated. >> >> > No special place needed. > > You're probably confusing MD5-Password and Crypt-Password (which in turn > can use MD5 hash). For example, if you use PAP, these three attributes will > allow access when user enter password "testpass": > > Cleartext-Password := "testpass" > MD5-Password := "179ad45c6ce2cb97cf1029e212046e81" > Crypt-Password := "$1$12345678$duTc/02K9TK/XCYFyofbZ/" > Crypt-Password := "122U0BPYjrauc" > > MD5-Password does not have any salt. > Crypt-Password in the first example has the salt "$1$12345678$", with > MD5-based hash (crypted passwords have the hash in front of them, which for > MD5 starts with $1$ and is 12 characters long) > Crypt-Password in the second example has the salt "12", with DES-based hash > > See also: > http://freeradius.org/radiusd/man/rlm_pap.txt > http://en.wikipedia.org/wiki/Crypt_(Unix)#MD5-based_scheme > http://id.php.net/manual/en/function.crypt.php > > -- > Fajar > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html