Well, i actually do not know, you could be right, i really do not know...
I also know there are different options, like using --des for des
encryption. and also --md5 for md5 way of encrypting. and a --check option
to check the password.
I guess it really is some encryption, but why do they name it MD5 hash..
In the perl-script is a line mentioning salt and some characters to be used
for encryption..
I just found this description on internet wikipedia :
MD5-based scheme
Poul-Henning Kamp designed a baroque and (at the time) computationally
expensive algorithm based on the MD5 message digest algorithm. MD5 itself
would provide good cryptographic strength for the password hash, but it is
designed to be quite quick to calculate relative to the strength it
provides. The crypt() scheme is designed to be expensive to calculate, to
slow down dictionary attacks. The printable form of MD5 password hashes
starts with $1$.
This scheme allows users to have any length password, and they can use any
characters supported by their platform (not just 7-bit ASCII). (In practice
many implementations limit the password length, but they generally support
passwords far longer than any person would be willing to type.) The salt is
also an arbitrary string, limited only by character set considerations.
First the passphrase and salt are hashed together, yielding an MD5 message
digest. Then a new digest is constructed, hashing together the passphrase,
the salt, and the first digest, all in a rather complex form. Then this
digest is passed through a thousand iterations of a function which rehashes
it together with the passphrase and salt in a manner that varies between
rounds. The output of the last of these rounds is the resulting passphrase
hash.
The fixed iteration count has caused this scheme to lose the computational
expense that it once enjoyed. Variable numbers of rounds are now favoured.
Best regards,
Ruud
--------------------------------------------------
From: "Arno Garrels" <arno.garr...@gmx.de>
Sent: Saturday, November 21, 2009 10:36 PM
To: "ICS support mailing" <twsocket@elists.org>
Subject: Re: [twsocket] MD5 passwords
Ruud Kerstens wrote:
well, i created the string with a linux-tool on the radius-server
(freeradius). It is used as:
cryptpasswd --md5 <password>.
Doesn't this just encrypt the MD5 value of the password?
Just a wild guess..
--
Arno Garrels
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be
