[Canberra-pm] crypt behaviour
Alex Satrapa
grail at goldweb.com.au
Tue Jun 5 20:38:28 PDT 2012
Ah, I found the Perl module of interest: Crypt::PasswdMD5
So rather than
$crypted = crypt('password', 'salt');
Use Crypt::PasswdMD5;
$crypted = unix_md5_crypt('password', 'salt');
But then you no longer have the protection of using a crypt feature that many people dont know about (say, the people migrating your software to Mac OS X or Windows) :)
Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332
On 06/06/2012, at 13:19, Adam Clarke <adam.clarke at strategicdata.com.au> wrote:
> From crypt(3) manpage on an old (Etch) Debian box ...
>
> GNU EXTENSION
> The glibc2 version of this function has the following additional fea‐
> tures. If salt is a character string starting with the three charac‐
> ters "$1$" followed by at most eight characters, and optionally termi‐
> nated by "$", then instead of using the DES machine, the glibc crypt
> function uses an MD5-based algorithm, and outputs up to 34 bytes,
> namely "$1$<string>$", where "<string>" stands for the up to 8 charac‐
> ters following "$1$" in the salt, followed by 22 bytes chosen from the
> set [a–zA–Z0–9./]. The entire key is significant here (instead of only
> the first 8 bytes).
>
> On 06/06/2012, at 1:09 PM, Alex Satrapa wrote:
>
>> According to http://www.perlmonks.com/?node_id=62392 there is a means to get crypt to use MD5 by providing an 8-byte salt preceded by $1$.
>>
>> This doesn't work on Mac OS X or, as indicated on that page, under Active Perl for Windows.
>>
>> Does anyone know where this MD5 magic behavior of crypt is documented?
>>
>> Alex Satrapa | web.mac.com/alexsatrapa | Ph: 0407 705 332
>> _______________________________________________
>> Canberra-pm mailing list
>> Canberra-pm at pm.org
>> http://mail.pm.org/mailman/listinfo/canberra-pm
>
> _______________________________________________
> Canberra-pm mailing list
> Canberra-pm at pm.org
> http://mail.pm.org/mailman/listinfo/canberra-pm
More information about the Canberra-pm
mailing list