MD5 /etc/passwd-style hashes?

TQuid has asked for the wisdom of the Perl Monks concerning the following question:

I'm authenticating on a system whose crypt() doesn't support MD5. I have the Digest::MD5 module installed, but I don't see in the docs anywhere how to use salt. That is, I can do a nice

$enc_pwd = md5_base64("foo");
[download]

To get an md5 hash, but I'm unsure how to simulate

$enc_pwd = crypt("foo", $salt);
[download]

Using the Digest::MD5 tools. I assume this is something obvious, but the docs for Digest::MD5 leave me clueless. Any help much appreciated.

--TQuid

Comment on MD5 /etc/passwd-style hashes? Select or Download Code

Replies are listed 'Best First'.
Re: MD5 /etc/passwd-style hashes? by Fastolfe (Vicar) on Sep 18, 2000 at 22:31 UTC
I'm not 100% sure what you're trying to do, but I hope this helps. To get a crypted string on a system whose crypt does not support MD5, you can't use Digest::MD5. Just use the Perl crypt built-in. MD5 hashes do not have a "salt" in the crypt sense. They're totally different things. With a Unix crypt, one password can generate dozens of different crypt hashes, each with different salts, however the same password will only ever generate one MD5 hash ever. At least, that's how I understand it. I guess it's possible that the MD5 password implementations add a certain string to the beginning/end of a password before passing it through an MD5 hash, but it seems like that's getting to be too much. MD5 hashes are safe enough in my opinion as they are. Update: Check out Crypt::PasswdMD5. I believe this does what you want.	[reply]
RE: Re: MD5 /etc/passwd-style hashes? by TQuid (Sexton) on Sep 18, 2000 at 22:38 UTC
Alas, Perl's crypt() just passes its arguments to the system's crypt(), thus my problem. The docs at `man 3 crypt` make it very clear that md5 hashes are how the $1$yoursalthere$encrypted_pass password lines are made . . . --TQuid	[reply] [d/l]
Re: MD5 /etc/passwd-style hashes? by TQuid (Sexton) on Sep 18, 2000 at 23:19 UTC
Aha! Crypt::PasswdMD5 saves the day. Thanks to ofalte(??) for this one. --TQuid	[reply]
RE: MD5 /etc/passwd-style hashes? by cianoz (Friar) on Sep 19, 2000 at 00:54 UTC
use Crypt::PasswdMD5;	[reply]