Hey all,

Most MD5 hashing programs I have seen generate the same hash if you consistently use the same password. For example, if use a pass of "sup3rm@n" it would generate something like

1$\yuUhgbaW244HiplO09i

every time

I noticed that when I ran grub-md5crypt on my FC2 system, it never generated the same hash when using the same password.

Can anyone explain this, sorry if this such a n00b question.

I think FC adds a salt before hashing the password, to prevent attacks based on prepared hash tables (dictionnary attack)
Could be
grub_hash(PASS)="SALT"+"MD5(SALT+PASS)"
The SALT is choosen randomly everytime you change the password.

If a user comes with a list like this:
MD5(l33t)=x
MD5(passw0rd)=y
MD5(123456)=z
..
(big file containing hashes of easy passwords)

then he cannnot compare grub_hash with x,y,z because
grub_hash(passw0rd)="21E4"+MD5("21E4passw0rd")
and he has not prepared MD5(21E4passw0rd) because its not a dictionnary word.
Adds a little layer.

Maybe from one install of redhat to another, the md5 would not be the same...

Thanks! I figured it was something like that.

But the problem remains for RH , strange. Is it an old RH?
Anyway, I don't see why somebody from outside would crack your grub password
And its pretty easy to remove this password if you have physical access