Originally Posted by DRiggs
I have seen many websites say to use "openssl passwd -1", but when I do this with my current password the result does not match what the shadow has...?
It's not supposed to match. A salt
is used every time you generate, so it's normal and expected to get different hashes for the same password every time. It's all good (they will work just fine). That said, if you have a need for the strings to be exactly the same for some reason, all you have to do is specify the salt when you execute the command. So, for example:
Instead of this:
You would use something like this:
openssl passwd -1 -salt MySalt
Remember that the salt is always stored alongside the actual hash (it's the characters between the string's second and third dollar signs). In this example output string I've put the salt in red:
So if I wanted to generate this hash exactly as posted (assuming I know the password, of course), I would do a:
openssl passwd -1 -salt d9FPOhLP
Hope this helps, and BTW: Welcome to LQ!!!