I've not mucked with MD5 passwords, but a google search led me to the
Linux-PAM code. I'll keep poking around to see if I can find anything more
explicit.
It can be downloaded from:
http://www.us.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-0.66.tar.gz
(or a closer mirror of kernel.org).
In modules/pam_pwdb/md5_crypt.c you can see how that string is generated.
-John
> Next problem is md5-passwords. Does anybody know how they are supposed
> to work? It seems that crypt(clear, salt) always returns the cleartext
> password, which is pretty bad. The MD5-passwords in the /etc/passwd
> file looks like
>
> $1$xxxxxxxx$yyyyyyyyyyyyyyyyyyyyyy
>
> where x and y could be base64 digits. I would appreciate any clues,
> pointers to documentation, or source code, which explains how to
> verify a user password against this data.
>
> /Niels
>
>
