[ale] Verifying a MD5 password?
Robert L. Harris
Robert.L.Harris at rdlg.net
Thu Feb 27 14:52:28 EST 2003
We're trying to write a script that can verify passwords against md5
password entries. We've got a good mechanism to get the password from
/etc/shadow but something in the actual computation of the md5 hash of
the user input is not right.
Anyone have a good command line or HOWTO I can read through?
A couple combinations we've tried:
salt=spudpeel
password=foo
#
echo -n "foospudpeel" | openssl md5 -binary | openssl base64
u9FAH8zsyXmwYX3pBqLd6Q==
# trying with a base64 encoded salt
echo -n "foodc3B1ZHBlZWw=" | openssl md5 -binary | openssl base64
JmyoP+AVagwGzN0uLF4Mow==
We've only found a couple docs on how the md5 password hash's are
generated, nothing that flat out says "do x, do y, do z, shove it in a
file"...
Robert
:wq!
---------------------------------------------------------------------------
Robert L. Harris | PGP Key ID: E344DA3B
@ x-hkp://pgp.mit.edu
DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.
Diagnosis: witzelsucht
IPv6 = robert at ipv6.rdlg.net http://ipv6.rdlg.net
IPv4 = robert at mail.rdlg.net http://www.rdlg.net
PGP signature
More information about the Ale
mailing list