Looks like the output is identical to what would be generated by the *BSD pwhash(1) utility.
# pwhash -S 24680 stuff $sha1$23933$/WgTkHoe$25rdwdZ95cfgY/Tl6li2/LRIbuVT # pwhash(1) in turn calls the crypt(3) library function after it generates a salt. Digging through the sources, we find the following comment block in src/lib/libcrypt/crypt-sha1.c * The format of the encrypted password is: * $<tag>$<iterations>$<salt>$<digest> * * where: * <tag> is "sha1" * <iterations> is an unsigned int identifying how many rounds * have been applied to <digest>. The number * should vary slightly for each password to make * it harder to generate a dictionary of * pre-computed hashes. See crypt_sha1_iterations. * <salt> up to 64 bytes of random data, 8 bytes is * currently considered more than enough. * <digest> the hashed password. -----Original Message----- From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Chris Morrow Sent: Tuesday, December 03, 2013 9:06 AM To: c...@2bithacker.net; juniper-nsp@puck.nether.net Subject: Re: [j-nsp] Format of SHA1 Passwords On 12/03/2013 11:46 AM, Chip Marshall wrote: > On 2013-12-03, Chris Morrow <morr...@ops-netman.net> sent: >>> I get things like "$sha1$19418$aoTClyGU$cix8MhZsXwG6OrwUgeHAoOA8f.AX" >>> where it appears to have the format, some number, what I think is >>> the salt, and then the hash. >>> >>> Anyone know how these things are calculated? >> >> we do this calculation.... I believe your intended format is: >> $1$salt$hash >> >> or that seems to be what our code does. > > That's for MD5 passwords. I have a requirement to use SHA-1. oh, ha! :( hrm... so, I set a passwd of 'flipfl0p!' for a user after setting the passwd format to sha1 ... and I see: "$sha1$19295$mROzSQ4a$SFnJ1fAbP4cHqw/16.xDV4s1LpMA" and yea.... the format isn't as simple as: >>> import hashlib >>> p = 'flipfl0p!' >>> s = 'mROzSQ4a' >>> hashlib.sha1(p+s).hexdigest() bummer. _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp