LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices



Reply
 
Search this Thread
Old 06-16-2007, 02:43 PM   #1
Tux-Slack
Member
 
Registered: Nov 2006
Location: Slovenia
Distribution: Slackware 13.37
Posts: 511

Rep: Reputation: 36
Linux password encryption and data encryption


I've heard Linux uses a one way encryption method for users password.
Where can I get a look at this code?
I want to make something like this for my own application, nothing else...

And for data encryption, is there a example for data encryption so I wouldn't store my data encryption in normal Text mode on the disk, so it will be stored encrypted.
 
Old 06-16-2007, 04:56 PM   #2
wjevans_7d1@yahoo.co
Member
 
Registered: Jun 2006
Location: Mariposa
Distribution: Slackware 9.1
Posts: 938

Rep: Reputation: 30
This will not only answer your question. It will also give you a general guide on how to get the source for whatever was included in a stock installation of Slackware 11.

You're running Slackware 11, yes?

You have the Slackware CD's, yes? There are 6 of those puppies.

Mount CD 4. On that CD, go to the source directory. Read README.TXT; it will give you general directions on how to find the source for anything distributed with Slackware 11.

The first step is to see what login uses for passwords. So at your shell prompt, do a

Code:
which login
You'll get this as output:

Code:
/bin/login
Remove that first slash and do this:

Code:
grep bin/login /var/log/packages/*
You'll get something like this:

Code:
/var/log/packages/heimdal-0.7-i486-2frg:opt/heimdal/bin/login
/var/log/packages/ppp-2.4.4b1-i486-1:usr/sbin/login.radius
/var/log/packages/shadow-4.0.3-i486-13:bin/login
The final line looks promising, yes?

README.TXT is a little sketchy here. But take everything on that final line before the colon (":"), and look at that file:

Code:
grep LOCATION /var/log/packages/shadow-4.0.3-i486-13
You'll get output that looks like this:

Code:
PACKAGE LOCATION: /var/log/mount/slackware/a/shadow-4.0.3-i486-13.tgz
See that single letter that appears after the slackware/? The "a"? Go to the source/a directory on the CDROM. (Notice that not all letters are represented there. You may have to go to CD 5 or 6 for some letters, such as t and x. And some of them are not single letters at all, but short strings such as tcl and xap. But in your situation, just stay with CD 4, because you can see that the CD directory source contains subdirectory a.)

Do an ls in that directory, and you'll see a shadow subdirectory. Go to that directory and copy file shadow-4.0.3.tar.bz2 to someplace on your hard drive, preferably in a directory of its own. Then, in that directory:

Code:
tar -xvjf shadow-4.0.3.tar.bz2
Look around in the shadow-4.0.3/src directory, and you'll find about 7 calls to function pw_encrypt. That sounds close to what you want, right? But the function is only called here, not defined here. So close, but not yet!

Go back up to the shadow-4.0.3 directory and do this:

Code:
grep -lR pw_encrypt .
You'll get this:

Code:
./libmisc/salt.c
./libmisc/valid.c
./lib/dialchk.c
./lib/encrypt.c
./lib/prototypes.h
./lib/pwauth.c
./src/chpasswd.c
./src/dpasswd.c
./src/gpasswd.c
./src/newgrp.c
./src/newusers.c
./src/passwd.c
./contrib/pwdauth.c
Bob's your uncle.

Hope this helps.
 
Old 06-17-2007, 01:33 AM   #3
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.6, Centos 5.10
Posts: 16,324

Rep: Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041
Now you've followed the above good advice, for file encryption you'll prob use GPG, whose home is here
http://www.gnupg.org/
and is installed (on my Fedora Core 6) in /usr/bin/gpg. Try which gpg to find it on yours.
Note that in this case, you should just be able to use the tool as installed, ie you don't need to read the source.
 
Old 06-19-2007, 11:59 AM   #4
Tux-Slack
Member
 
Registered: Nov 2006
Location: Slovenia
Distribution: Slackware 13.37
Posts: 511

Original Poster
Rep: Reputation: 36
Well this is for a cross-platform app, so I inteand to read the source
Thank you both.
 
Old 06-20-2007, 07:46 AM   #5
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.6, Centos 5.10
Posts: 16,324

Rep: Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041Reputation: 2041
Get downloads from here: http://www.gnupg.org/download/ for most OSes.
It's generally not recommended to implement your own code, it's trickier than it looks to avoid introducing weaknesses.
(Assuming this is for a serious app)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux password encryption jawad bokhari Linux - Security 13 08-23-2012 08:26 PM
password encryption Lanmate Linux - Security 2 12-26-2003 05:15 AM
Password encryption???: shakeeb Linux - General 4 11-07-2003 08:50 PM
Mandrake 9.0 Wireless Works without encryption.. does not with encryption topcat Linux - Wireless Networking 3 05-04-2003 09:47 PM


All times are GMT -5. The time now is 03:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration