On Mon, 30 Aug 2004 22:44:48 +0000 (UTC), Jason Holt <[EMAIL PROTECTED]> wrote: > > On Mon, 30 Aug 2004 [EMAIL PROTECTED] wrote: > > Also, It appears that RHE3 and RH72 use different hashing functions for > > the /etc/passwd file (I created a root user on the RHE3 box and compared > > the hash to the RH72 box and they are different.) I suppose this means I > > cannot simply copy over the /etc/passwd and /etc/shadow files to move the > > users over. Anyway to convert between the two? > > They're probably not different. Each time you change your password, the > system selects a random salt which is combined with the password before > hashing and saved in the clear before the password hash. Its purpose is to > prevent exactly what you just tried - hashing every word in a dictionary to > see which hashes match up. With salt, you'd have to hash every word with > every possible salt. > > Copy the entry from one system to the other and see if you can still login.
So is the salt stored with the hash? If so, what's the point? If not, where is the salt stored? ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
