Passwords and MD5
cswiger at mac.com
Thu Jun 19 16:04:30 PDT 2003
Tim Legg wrote:
[ ... ]
> nerdy:$1$1xYw.V8w$IozDgrd4srvZPPqu85cR..:1005:1006::0:0:Mr. Know-it-all:/home/nerdy:/bin/sh
> The $1$ means we are in fact using MD5.
> but when I run md5 in the command line, I get
> $ md5 -s FreeBSD
> MD5 ("FreeBSD") = a3dc630729e463135f4e608954fa6e19
> which is considerably different.
Starting with the simpler case of a classic DES-based password, what happens is
that the system doesn't just hash or encrypt the user's plaintext password, but
the password plus a randomly chosen two-letter "salt", which was intended to
make it difficult to simply DES plaintext and compare to the encoded password.
With regard to MD5, try taking the ASCII representation above, converting it to
the raw hexidecimal equivalent, and then running that through b64encode. :-)
More information about the freebsd-questions