[Chicago-talk] Note on Shadow password files

Steven Lembark lembark at wrkhors.com
Sun Mar 12 13:16:25 PST 2006


Shadow files don't always use MD5, Blowfish is also
common. The check is to look at one of the encrypted
passwords for "$1$" or "$2a". Passwords starting
with $2a$ are encrypted with the Blowfish hash
function which can be handled via:

    Crypt::Blowfish
    Perl Blowfish encryption module
    Crypt-Blowfish-2.10 - 02 Dec 2005 - Dave Paris

    Crypt::Blowfish_PP
    Blowfish encryption algorithm implemented purely in Perl
    Crypt-Blowfish_PP-1.12 - 02 Jan 2001 - Matthew Byng-Maddick

If they begin with $1$ then they are MD5 and are
probably best handled via:

    Crypt::PasswdMD5
    Provides interoperable MD5-based crypt() functions
    Crypt-PasswdMD5-1.3 - 17 Feb 2004 - Luis Muñoz

These are the most likely solutions today.

-- 
Steven Lembark                                       85-09 90th Street
Workhorse Computing                                Woodhaven, NY 11421
lembark at wrkhors.com                                     1 888 359 3508


More information about the Chicago-talk mailing list