[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Verifying a MD5 password?

Subject: [ale] Verifying a MD5 password?
From: Robert.L.Harris at rdlg.net (Robert L. Harris)
Date: Thu, 27 Feb 2003 14:52:28 -0500


We're trying to write a script that can verify passwords against md5
password entries.  We've got a good mechanism to get the password from
/etc/shadow but something in the actual computation of the md5 hash of
the user input is not right.

Anyone have a good command line or HOWTO I can read through?

A couple combinations we've tried:

salt=spudpeel
password=foo

#
echo -n "foospudpeel" | openssl md5 -binary | openssl base64
u9FAH8zsyXmwYX3pBqLd6Q==

# trying with a base64 encoded salt
echo -n "foodc3B1ZHBlZWw=" | openssl md5 -binary | openssl base64
JmyoP+AVagwGzN0uLF4Mow==


We've only found a couple docs on how the md5 password hash's are
generated, nothing that flat out says "do x, do y, do z, shove it in a
file"...

Robert



:wq!
---------------------------------------------------------------------------
Robert L. Harris                     | PGP Key ID: E344DA3B
                                         @ x-hkp://pgp.mit.edu 
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.

Diagnosis: witzelsucht  	

IPv6 = robert at ipv6.rdlg.net	http://ipv6.rdlg.net
IPv4 = robert at mail.rdlg.net	http://www.rdlg.net

 PGP signature

Prev by Date: bigger is better 1263XtRY9-337lXsc7886NPda0-503-28
Next by Date: [ale] Verifying a MD5 password?
Previous by thread: bigger is better 1263XtRY9-337lXsc7886NPda0-503-28
Next by thread: [ale] Verifying a MD5 password?
Index(es):
- Date
- Thread