On Tue, Dec 3, 2013, at 10:46, Chip Marshall wrote:
> On 2013-12-03, Chris Morrow <morr...@ops-netman.net> sent:
> > > I get things like "$sha1$19418$aoTClyGU$cix8MhZsXwG6OrwUgeHAoOA8f.AX"
> > > where it appears to have the format, some number, what I think is
> > > the salt, and then the hash.
> > >
> > > Anyone know how these things are calculated?
> >
> > we do this calculation.... I believe your intended format is:
> > $1$salt$hash
> >
> > or that seems to be what our code does.
>
> That's for MD5 passwords. I have a requirement to use SHA-1.
>
JunOS is based on FreeBSD, and FreeBSD doesn't support SHA-1 password
hashes. Your choices are:
DES: (no identifier)
MD5: $1$
Blowfish: $2$
NTHASH: $3$
SHA256: $5$
SHA512: $6$ (likely not supported as it's recent to FreeBSD)
And how to generate a hash (just change the identifier; it will create
the right hash):
python -c "import crypt, getpass, pwd; print crypt.crypt('password',
'\$1\$SALTsalt\$')"
Just make sure you use a different salt for each password.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
