crypt and passwords
Jerry Feldman
gaf at blu.org
Fri Aug 22 09:46:16 EDT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 22 Aug 2003 09:33:28 -0400
Derek Martin <invalid at pizzashack.org> wrote:
> On Fri, Aug 22, 2003 at 02:12:27AM -0400, David Kramer wrote:
> > I once knew the magic incantations for being able to verify a passwd
> > by passing the salt from the encrypted password and the unencrypted
> > password to crypt() to see if you got a string matching the
> > encrypted password. I'm trying to write a small test program to do
> > this, but I am not getting the encrypted string back.
>
> Can we see the code where you set up the salt and call the function?
>
> Can we also see what you /are/ getting for results, if any?
>
> Also, what are your linker options? One thing that occurs to me is
> that you might be linking against OpenSSL's crypt(), rather than
> glibc's crypt(). I'm not positive this is a real possibility, but I
> thought OpenSSL provided a crypt() function... You might want to see
> what package provides libcrypt* on your system...
>
> The man page for crypt(3) on my system suggests that the crypt()
> function might fail because it may not have been implemented, due to
> export restrictions...
I wrote a C++ program to create a password file for the web sites using
crypt. It uses the user ids and passwords from mailman. Only a few lines
of code.
- --
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix user group
http://www.blu.org PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/Rh6o+wA+1cUGHqkRAopVAKCClJu1gCdlMh3LSKQ18cueODBd5wCfe5wT
xX+sNfEDFU8mPRGjIY1U4bc=
=3UdE
-----END PGP SIGNATURE-----
More information about the Discuss
mailing list