February 27th, 2002, 12:11 PM
I have been doing some tests on my comp, Red Hat 7.2, to find out how the passwords are encrypted. My /etc/passwd is shadowed and in /etc/shadow, I have found that the salt with my account and for root's account is three bytes! Is this correct, or have I misunderstood something?
I have created other test accounts, just to observe the salt and yes, the same for the new ones as well. When I try to encrypt the same password as my account with the salt present in mine and root's encrypted password, they don't match!
Could someone please shed some light on the situation? I would be very thankful.
July 3rd, 2002, 12:01 AM
If your /etc/shadow looks like
Then the "ss" stands for the 2 character salt, and the "ccccccccccc" is your
encrypted password - just as the theory goes.
But the beloved, old, Unix password system is too easy to break nowadays.
So now they use something with md5() and longer passwords, and your
entry ought to look more or less like:
where $1$ is not your salt, but just an indication of this new system. The x's do
use some kind of salt, but I'm not quite aware how it works.
Anyways - this is much, much more secure.
By the way, the 2 systems may coexist on the same computer, and you may get
one or the other depending on how you create your user, or change the password.
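
The two entry layouts described in the reply above, as an added example that is not part of either original post: a small parser that reads the password field of each /etc/shadow line and reports the scheme, salt and digest separately, showing that `$1$` is a scheme marker and the salt is the text between the next two `$` signs. The function names and the sample entries are constructed for illustration; the MD5-crypt layout (salt of up to 8 characters, 22-character digest) follows the usual crypt(3) convention and is not stated on the page.

```python
import re

# crypt(3) encodes salts and digests with this 64-character alphabet.
B64 = r"[./0-9A-Za-z]"
# Traditional DES crypt: 2-character salt followed by an 11-character digest.
DES_RE = re.compile(rf"({B64}{{2}})({B64}{{11}})")
# MD5 crypt: "$1$" marker, salt of up to 8 characters, "$", 22-character digest.
MD5_RE = re.compile(rf"\$1\$({B64}{{0,8}})\$({B64}{{22}})")


def classify_hash(field):
    """Return (scheme, salt, digest) for one shadow password field."""
    if field == "":
        return ("empty", None, None)
    if field[0] in "!*":
        # A leading "!" or "*" means no valid password can match this entry.
        return ("locked", None, None)
    m = MD5_RE.fullmatch(field)
    if m:
        return ("md5-crypt", m.group(1), m.group(2))
    m = DES_RE.fullmatch(field)
    if m:
        return ("des-crypt", m.group(1), m.group(2))
    return ("unknown", None, None)


def parse_shadow(text):
    """Map each user name in shadow-format text to its classified hash."""
    result = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 2 or not fields[0] or fields[0].startswith("#"):
            continue
        result[fields[0]] = classify_hash(fields[1])
    return result


# Constructed sample entries (not real hashes): both schemes on one system.
SAMPLE = """\
olduser:ab0123456789A:11745:0:99999:7:::
newuser:$1$Xy3kQ9z.$abcdefghijklmnopqrstuv:11745:0:99999:7:::
daemon:*:11745:0:99999:7:::
"""

if __name__ == "__main__":
    for user, (scheme, salt, digest) in parse_shadow(SAMPLE).items():
        print(f"{user:8} scheme={scheme:10} salt={salt} digest={digest}")
```
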
July 3rd, 2002, 12:09 AM