Results 1 to 4 of 4

Thread: Linux password salt...

  1. #1
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165

    Question Linux password salt...

    When Linux uses the MD5 algorithm to hash passwords, it uses a different salt everytime. ie if I were to hash the word "cgkanchi" multiple times, I'd get a different hash each time. How does the passwd program know which salt to use when verifying the password? In other words, where is this "salt" value stored? It can't be in the shadow file or in the hash itself, because that would nullify the whole point of having the salt. So where???

    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207

    Re: Linux password salt...

    In other words, where is this "salt" value stored?
    It's in the shadow file.

    It can't be in the shadow file or in the hash itself, because that would nullify the whole point of having the salt.
    No, it won't.

    Normally the salt is the first two characters of the crypted password. It's chosen randomly.

    The purpose of the salt is to prevent someone who can read the passwords from using either precalculated hash values, or comparing the passwords of different users usefully.

    In principle, if there was no salt, you could crypt all the words in a dictionary, and vastly decrease the time to crack a dictionary-based password (in fact, it could be immediate). If you had plenty of storage, it could crack a fairly complex password almost instantly.

    But due to the fact that there are at least 3800 possible salts (i.e. two characters a-zA-Z0-9), this becomes much harder.

    Two users with the same password will almost certainly have different salts, hence an attacker cannot know they are the same (unless he cracks them both).

    I think that NT password hashes have no salt, hence two users with the same password have the same hash value.

    Slarty

  3. #3
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    Thanks for the reply. Everything is much clearer now .

    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

  4. #4
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    Also, the /etc/shadow file is readable only by root and nobody else. Permissions are usually 0400 (-r--------).

    And considering md5 is a 32-digit hash compared to crypt()'s inherent weak encryption, it's definitely a lot better to use!
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •