Printable View
When Linux uses the MD5 algorithm to hash passwords, it uses a different salt everytime. ie if I were to hash the word "cgkanchi" multiple times, I'd get a different hash each time. How does the passwd program know which salt to use when verifying the password? In other words, where is this "salt" value stored? It can't be in the shadow file or in the hash itself, because that would nullify the whole point of having the salt. So where???
Cheers,
cgkanchi
It's in the shadow file.Quote:
In other words, where is this "salt" value stored?
No, it won't.Quote:
It can't be in the shadow file or in the hash itself, because that would nullify the whole point of having the salt.
Normally the salt is the first two characters of the crypted password. It's chosen randomly.
The purpose of the salt is to prevent someone who can read the passwords from using either precalculated hash values, or comparing the passwords of different users usefully.
In principle, if there was no salt, you could crypt all the words in a dictionary, and vastly decrease the time to crack a dictionary-based password (in fact, it could be immediate). If you had plenty of storage, it could crack a fairly complex password almost instantly.
But due to the fact that there are at least 3800 possible salts (i.e. two characters a-zA-Z0-9), this becomes much harder.
Two users with the same password will almost certainly have different salts, hence an attacker cannot know they are the same (unless he cracks them both).
I think that NT password hashes have no salt, hence two users with the same password have the same hash value.
Slarty
Thanks for the reply. Everything is much clearer now :).
Cheers,
cgkanchi
Also, the /etc/shadow file is readable only by root and nobody else. Permissions are usually 0400 (-r--------).
And considering md5 is a 32-digit hash compared to crypt()'s inherent weak encryption, it's definitely a lot better to use!