LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-14-2010, 01:05 PM   #1
Dims
Member
 
Registered: Feb 2009
Posts: 151

Rep: Reputation: 15
How to create shadow pasword hash manually?


How to create the password hash exactly the same as in shadow file (from the command line)?

The command

openssl passwd -crypt

returns something different.
 
Old 10-14-2010, 01:12 PM   #2
luvshines
Member
 
Registered: Apr 2009
Posts: 74

Rep: Reputation: 16
Looking for this ??
http://www.linuxquestions.org/questi...d-hash-602739/
 
Old 10-14-2010, 01:20 PM   #3
Dims
Member
 
Registered: Feb 2009
Posts: 151

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by luvshines View Post
Looking for this ??
Thanks! Already found this and understood about the salt, but I have not $1 at the beginning of the hash, but $6 and my hash from shadow file is much longer, than one from openssl (approx 86 characters long).
 
Old 10-14-2010, 01:25 PM   #4
Dims
Member
 
Registered: Feb 2009
Posts: 151

Original Poster
Rep: Reputation: 15
I found that $6 means SHA encryption, but then I can't find "salt" option in "openssl sha" command...
 
Old 10-14-2010, 03:00 PM   #5
Dims
Member
 
Registered: Feb 2009
Posts: 151

Original Poster
Rep: Reputation: 15
The following command worked:

python -c "import crypt, getpass, pwd; print crypt.crypt('<PASSWORD>', '\$6\$<SALT>\$')"
 
Old 10-14-2010, 03:09 PM   #6
Dims
Member
 
Registered: Feb 2009
Posts: 151

Original Poster
Rep: Reputation: 15
Does anyone know, how SALT is integrated into password?

I have failed to implement encoding myself with the following sequence:

1) concatenate password + salt
2) convert to ASCII bytes
3) perform SHA512 hashing
4) create base64 string

I think salt concatenating is somehow wrong...
 
Old 10-14-2010, 08:01 PM   #7
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
The pwdutils package should supply the mkpasswd program.

The results of "mkpasswd -S <salt_string> -m sha-512" is an 86 digit long string, after the type and salt.

echo -n 'ThisIsATest' | /usr/bin/mkpasswd -m sha-512 -S 'salt1234' -
$6$salt1234$GCfgodngkLAgi8qKn2jCRmzXVF.ZSxa3Pj3bWQJpcxFU.6/YFfwB4LQl26rrs7/nCXTul.6nqDclAp/ki4Jz40

Some distro's use the blowfish hash by default (see man 3 crypt) however, I don't believe that mkpasswd supports blowfish.

Last edited by jschiwal; 10-14-2010 at 08:26 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What is the easiest way to replace a hash in a shadow file, not using passwd? abefroman Programming 3 08-05-2010 07:56 AM
What is used to create the shadow password hash?? helptonewbie Linux - General 11 08-17-2009 03:02 AM
/etc/shadow hash changes? Oxagast Linux - Security 1 12-28-2008 01:07 PM
Manually adding users and the shadow file... Tim356 Red Hat 3 08-05-2008 07:00 AM
changing the /etc/shadow hash algo. zerg4141 Linux - Security 2 08-07-2006 09:32 PM


All times are GMT -5. The time now is 07:35 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration