MD5 passwords
Ingo Luetkebohle
ingo at devconsult.de
Thu Oct 21 22:51:05 CEST 1999
Hiya,
someone here recently asked about the format of MD5 passwords. The
attached e-mail explains the format.
--
Ingo Luetkebohle / 21st Century Digital Boy
dev/consulting Gesellschaft fuer Netzwerkentwicklung und -beratung mbH
url: http://www.devconsult.de/ - fon: 0521-1365800 - fax: 0521-1365803
---------- Forwarded message ----------
Date: Thu, 21 Oct 1999 09:24:28 -0400
From: Randy_Labaza at tivoli.com
Reply-To: pam-list at redhat.com
To: pam-list at redhat.com
Subject: Re: Why is the hashed pw so long?
Resent-Date: 21 Oct 1999 13:24:37 -0000
Resent-From: pam-list at redhat.com
Resent-cc: recipient list not shown: ;
Stephen or anyone,
Can you give me a pointer (website, book, etc.) to more of the gory
details of the MD5 password hash? Such as the encoding of the
result, and exactly how the salt is used in the hash, etc. Your
description below is the most detail I have found on this. But, I am
looking for a few more specifics. Your help is most appreciated.
Regards.
Randy Labaza
rlabaza at tivoli.com
stephen langasek <vorlo- at netexpress.net> wrote:
original article: http://www.egroups.com/group/pam-list/?start=1903
> On Tue, 14 Sep 1999, gg&ht forever wrote:
>
> > This is really not a PAM question per se - it relates to PAM, though.
> > But feel free to point me to another list. Thanks.
>
> > I'm running RH6.0 using md5 and shadow. My understanding is that
> > when MD5 hashes anything it produces a 128-bit output. 128 bits=
> > 16 bytes. So, how come the hashed pw is 34 characters in /etc/shadow?
>
> The first three characters are the magic string $1$, used to distinguish
> between md5 and crypt. The next 8 characters are the salt, the 12th
> character is a delimiter character ('$' again), and the remaining 22
> characters are the MD5 hash.
>
> 128 / 8 = 16, but this assumes you're using all 8 bits of a character. The
> MD5 hashes in a password file are stored in a human-readable form by
> convention. I believe they're encoded in base-64: there's a pool of 64
> characters to choose from, which means each character only really encodes 6
> bits of data (2^6 == 64). 128 / 6 = 21 1/3, which rounded up gives you the
> 22 you see in /etc/shadow.
>
> (The salt is encoded in a similar fashion--it's stored as 8 bytes in the
> file, but it's really only a 48-bit salt, not 64.)
>
> -Steve Langasek
> postmodern programmer
>
> --
> To unsubscribe: mail -s unsubscribe pam-list-request at redhat.com < /dev/null
>
--
To unsubscribe: mail -s unsubscribe pam-list-request at redhat.com < /dev/null
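The field layout described in the quoted reply, as an added example that is not part of the original e-mails: it parses a `$1$` field and decodes the 22 characters back into the 16 digest bytes. It uses the crypt(3) alphabet `./0-9A-Za-z` and md5-crypt's byte ordering rather than RFC 4648 base64; the function names and the sample field are constructed for illustration.

```python
import re

# crypt(3) alphabet: 64 symbols, 6 bits per character.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
# md5-crypt writes the digest three bytes (24 bits) per 4 characters, in this
# byte order; byte 11 is left over and takes the final 2 characters.
GROUPS = [(0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)]
FIELD = re.compile(r"\$1\$([./0-9A-Za-z]{1,8})\$([./0-9A-Za-z]{22})")

def to64(value, n):
    """Emit n characters, least significant 6 bits first."""
    out = ""
    for _ in range(n):
        out += ITOA64[value & 0x3F]
        value >>= 6
    return out

def from64(chars):
    """Inverse of to64()."""
    return sum(ITOA64.index(c) << (6 * i) for i, c in enumerate(chars))

def encode_digest(digest):
    if len(digest) != 16:
        raise ValueError("MD5 digest must be 16 bytes")
    body = "".join(to64(digest[a] << 16 | digest[b] << 8 | digest[c], 4)
                   for a, b, c in GROUPS)
    return body + to64(digest[11], 2)   # 5*4 + 2 = 22 characters

def decode_digest(text):
    digest = bytearray(16)
    for i, (a, b, c) in enumerate(GROUPS):
        v = from64(text[4 * i:4 * i + 4])
        digest[a], digest[b], digest[c] = v >> 16, (v >> 8) & 0xFF, v & 0xFF
    last = from64(text[20:22])          # 12 bits of room, only 8 are used
    if last > 0xFF:
        raise ValueError("padding bits in the last two characters are set")
    digest[11] = last
    return bytes(digest)

def parse_md5_field(field):
    m = FIELD.fullmatch(field)
    if not m:
        raise ValueError("not a $1$ (md5-crypt) password field")
    salt, encoded = m.groups()
    return {"salt": salt, "salt_bits": 6 * len(salt),
            "digest": decode_digest(encoded), "length": len(field)}

# Constructed sample: the digest is bytes 0..15, not the hash of any password.
SAMPLE_DIGEST = bytes(range(16))
SAMPLE_FIELD = "$1$" + "abcdefgh" + "$" + encode_digest(SAMPLE_DIGEST)
```
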