Greetings Monks,
Hopefully someone with a bit more robe ruffling experience than I can weigh in here...
I'm trying to match encrypted passwords in /etc/shadow (edit: actually stored in a DB, encrypted passwords only) with those programatically generated using Crypt::Password, but I must be missing something (eg, what salt is used in Linux when the password command is used to set/change the password. edit: I started scanning the passwd(1) source to get a clue, but started to feel nauseous either from the code, or from christmas chow, not sure which)
eg, given the following /etc/shadow entry (user 'bob', password 'abc'):
bob:$1$Wl2RANfv$M9PjezS//sUMDRnhhO5vR1:16065::::::
I now to try to replicate that password using this code ($1 implies MD5):
use Crypt::Password; print password("abc", "bo", "md5") . "\n";
Which yields:
$1$bo$e/EvseYfe8hj3LasblgjX.
...Obviously not a match
Am I on the right track here? Is this a case of not using the same salt string?
FYI, I need this to authenticate users which are being migrated from an /old/ server to a new one, and we only have the encrypted passwords, so I need to authenticate them with new proposed systems...
I'd appreciate pointers in what I'm doing wrong here. Thanks a mill.---------------------------
Documenting answer: Abbot ambrus on chatterbox says pass the entire encrypted string as salt (lib will know how to parse it):
thanks!!use Crypt::Password; print password("abc", '$1$Wl2RANfv$M9PjezS//sUMDRnhhO5vR1', "md5") . " +\n";
In reply to Matching encrypted passwords by perlmoi
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |