[2261] in linux-security and linux-alert archive
[linux-security] Re: md5,des etc..
daemon@ATHENA.MIT.EDU (Denis Ducamp)
Thu Nov 18 04:37:58 1999
Date: Thu, 18 Nov 1999 10:26:29 +0100
From: Denis Ducamp <Denis.Ducamp@hsc.fr>
To: Arni Raghu <arni@caip.rutgers.edu>
Cc: linux-security@redhat.com
Message-ID: <19991118102628.H480@hsc.fr>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
In-Reply-To: <023301bf3169$06877150$0200a8c0@masala>; from Arni Raghu on Wed, Nov 17, 1999 at 09:02:52PM -0500
Resent-From: linux-security@redhat.com
On Wed, Nov 17, 1999 at 09:02:52PM -0500, Arni Raghu wrote:
> Hoping that this is not OT..
>
> Hi
> I want to write a simple perl script to see if my system supports des or md5
> as the password encryption scheme..what is the easiest way..
>
> one of course is to look at the /etc/shadow file and then parsing the passwd
> field, any better way..??
The easy way :
$ perl -e 'print "DES : " . crypt("password","12") . "\n"'
DES : 12CsGd8FRcMSM
$ perl -e 'print "MD5 : " . crypt("password","\$1\$12") . "\n"'
MD5 : $1$12$VbEDUlCp8WzvSdX6Ahhdl0
If you have the same results then your system supports MD5. If the second
one gives you some thing like "MD5 : $1Oyx5r9mdGZ2" then it doesn't supports
MD5.
How to activate it by default ?
- without pam : check the value of "MD5_CRYPT_ENAB" in /etc/login.defs
- with pam : check the word md5 on the line beginning by :
"password required /lib/security/pam_pwdb.so use_authtok nullok"
in /etc/pam.d/passwd
Denis Ducamp.
--
|\ _,,,---,,_ Denis Ducamp <Denis.Ducamp@hsc.fr>
Zz /,`.-'`' -. ;-;;,_ Hervé Schauer Consultants
|,4- ) )-,_.,,\ ( `'-' http://www.hsc.fr/
'---''(_/--' `-'\_)Isn't there always a cat on whatever you're reading?
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
