Passwords and MD5

Chuck Swiger cswiger at
Thu Jun 19 16:04:30 PDT 2003

Tim Legg wrote:
[ ... ]
> nerdy:$1$1xYw.V8w$IozDgrd4srvZPPqu85cR..:1005:1006::0:0:Mr. Know-it-all:/home/nerdy:/bin/sh
> The $1$ means we are in fact using MD5.
> but when I run md5 in the command line, I get
> $ md5 -s FreeBSD
> MD5 ("FreeBSD") = a3dc630729e463135f4e608954fa6e19
> which is considerably different.

Starting with the simpler case of a classic DES-based password, what happens is 
that the system doesn't just hash or encrypt the user's plaintext password, but 
the password plus a randomly chosen two-letter "salt", which was intended to 
make it difficult to simply DES plaintext and compare to the encoded password.

With regard to MD5, try taking the ASCII representation above, converting it to 
the raw hexidecimal equivalent, and then running that through b64encode.  :-)


More information about the freebsd-questions mailing list