It seems like Grub does not accept the MD5 password format used in 
/etc/shadow, at least not on Fedora 8. If I simply copy the string to 
grub.conf and then press "p" at the Grub menu, two stars are displayed. 
The password is not accepted regardless if I backspace away these 
characters or not. 

I've noticed that both the salt length and total length differs. A sample 
password from /etc/shadow looks like:

$1$agMDK9U0$C1ssVE0GrvY4zG7h1L4L9/

This is in total 34 characters, with a salt length of 8, if I understand 
the format correctly. 

grub-md5-crypt, on the other hand, produces something like:

$1$FYqIF$LSQBagQ5S3ZuWr0ogBEN80

This is in total 31, with 5 characters salt.


The /etc/shadow format is documented on the crypt() man page:

"If salt is a character string starting with the three characters "$1$" 
followed by at most eight characters, and optionally terminated by "$", 
then instead of using the DES machine, the glibc crypt function uses an 
MD5-based algorithm, and outputs up to 34 bytes, namely 
"$1$<salt>$<encoded>", where "<salt>" stands for the up to 8 characters 
following "$1$" in the salt, and "<encoded>" is a further 22 characters."

Perhaps Grub uses another format? On RedHat 7.3 with MD5 passwords in 
/etc/passwd, it was possible to use these strings for Grub. 


Regards, 
---
Peter Åstrand           ThinLinc Chief Developer
Cendio AB               http://www.cendio.se
Wallenbergs gata 4
583 30 Linköping        Phone: +46-13-21 46 00
_______________________________________________
Bug-grub mailing list
Bug-grub@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-grub

Reply via email to