Hiya.

Salt is just a thing which helps you encode the stuff.

From a book:

The crypt Function
The crypt function encrypts a string using the NBS Data Encryption Standard (DES) algorithm.

The syntax for the crypt function is


result = crypt (original, salt);


original is the string to be encrypted, and salt is a character string of two characters that defines how to change the DES algorithm (to make it more difficult to decode). These two characters can be any letter or digit, or one of the . and / characters. After the algorithm is changed, the string is encrypted using the resulting key.

result is the encrypted string. The first two characters of result are the two characters specified in salt.

You can use crypt to set up a password checker similar to those used by the UNIX login. Listing 14.2 is an example of a program that prompts the user for a password and compares it with a password stored in a special file.





--------------------------------------------------------------------------------

Listing 14.2. A program that asks for and compares a password.


1:  #!/usr/local/bin/perl
2:
3:  open (PASSWD, "/u/jqpublic/passwd") ||
4:          die ("Can't open password file");
5:  $passwd = <PASSWD>;
6:  chop ($passwd);
7:  close (PASSWD);
8:  print ("Enter the password for this program:\n");
9:  system ("stty -echo");
10: $mypasswd = <STDIN>;
11: system ("stty echo");
12: chop ($mypasswd);
13: if (crypt ($mypasswd, substr($passwd, 0, 2)) eq $passwd) {
14:         print ("Correct! Carry on!\n");
15: } else {
16:         die ("Incorrect password: goodbye!\n");
17: }



--------------------------------------------------------------------------------




$ program14_2
Enter the password for this program:
bluejays
Correct! Carry on!
$




Note that the password you type is not displayed on the screen.

Lines 3-7 retrieve the correct password from the file /u/jqpublic/passwd. This password can be created by another call to crypt. For example, if the correct password is sludge, the call that creates the string now stored in $passwd could be the following, where $salt contains some two-character string:


$retval = crypt ("sludge", $salt);


After the correct password has been retrieved, the next step is line 8, which asks the user to type a password. By default, anything typed in at the keyboard is immediately displayed on the screen; this behavior is called input echoing. Input echoing is not desirable if a password is being typed in, because someone looking over the user's shoulder can read the password and break into the program.

To make the password-checking process more secure, line 9 calls the UNIX command stty -echo, which turns off input echoing; now the password is not displayed on the screen when the user types it. After the password has been entered, line 11 calls the UNIX command stty echo, which turns input echoing back on.

Line 13 calls crypt to check the password the user has entered. Because the first two characters of the actual encrypted password contain the two-character salt used in encryption, substr is used to retrieve these two characters and use them as the salt when encrypting the user's password. If the value returned by crypt is identical to the encrypted password, the user's password is correct; otherwise, the user has gotten it wrong, and die terminates the program. (A gentler password-checking program usually gives the user two or three chances to type a password before terminating the program.)

This password checker is secure because the actual password does not appear in the program in unencrypted form. (In fact, because the password is in a separate file, it does not appear in the program at all.) This makes it impossible to obtain the password by simply examining the text file.



NOTE
The behavior of crypt is identical to that of the UNIX library function crypt. See the crypt(3) manual page for more information on DES encryption.




--------------
Bob Erinkveld (Webmaster Insane Hosts)
www.insane-hosts.net
MSN: [EMAIL PROTECTED]





From: Jerry M. Howell II <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: crypt()
Date: Sun, 8 Dec 2002 05:33:09 -0500

hello there,

Got another question. As far as I know I need the following to encrypt
a passwd in perl. I plan to use it to add users to my /etc/passwd /etc/shadow
and /etc/group. Now I got a question cuz most newbies do :) What am I missing
in this script? I've narrowed it down to the crypt command and found out in the
Camel book it should be crypt(plaintext,salt) if I understood it correctly.
What do I need for the salt????
My script is the following (don't laugh too hard :))

#!/usr/bin/perl
print "Enter your preferd username.\n";
$username = <STDIN>;
chomp($username);
print "enter your prefered password\n";
$passwd = <STDIN>;
$passwd=crypt($passwd);
chomp($passwd);
print `/usr/sbin/useradd "$username" -p "$passwd"`;

--
Jerry M. Howell II

--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
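
Added example (not code from either poster or from the quoted book): the password step of the script in the question, with an explicit random two-character salt, the chomp moved before crypt, a check that re-hashes against the stored value as in Listing 14.2, and useradd invoked without a shell. The helper names, the username pattern and the sample username/password are assumptions made for the illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Salt alphabet from the book excerpt: letters, digits, '.' and '/' (64 symbols).
my @SALT_CHARS = ('a'..'z', 'A'..'Z', '0'..'9', '.', '/');

# make_salt (hypothetical helper): $len random salt characters from /dev/urandom.
sub make_salt {
    my ($len) = @_;
    open(my $fh, '<:raw', '/dev/urandom') or die "Can't open /dev/urandom: $!\n";
    my $got = read($fh, my $bytes, $len);
    close($fh);
    die "Short read from /dev/urandom\n" unless defined $got && $got == $len;
    # 256 is a multiple of 64, so the modulo introduces no bias.
    return join '', map { $SALT_CHARS[ord($_) % scalar(@SALT_CHARS)] } split //, $bytes;
}

# hash_password (hypothetical helper): crypt() with an explicit salt.
# Some crypt(3) builds refuse DES salts and return undef or a "*"-prefixed token.
sub hash_password {
    my ($plain, $salt) = @_;
    my $hash = crypt($plain, $salt);
    die "crypt() did not accept salt '$salt'\n" unless defined $hash && index($hash, $salt) == 0;
    return $hash;
}

# check_password (hypothetical helper): crypt() reads the salt from the front
# of the stored hash, so the stored hash itself is passed as the salt.
sub check_password {
    my ($candidate, $stored) = @_;
    my $hash = crypt($candidate, $stored);
    return defined $hash && $hash eq $stored;
}

# Constructed sample input, standing in for the two <STDIN> reads.
my ($username, $password) = ("jqpublic\n", "sludge\n");
chomp($username, $password);     # strip the newlines BEFORE hashing, not after
# Conservative username pattern (an assumption, not useradd's exact rule).
die "Bad username\n" unless $username =~ /\A[a-z_][a-z0-9_-]{0,31}\z/;

my $hash = hash_password($password, make_salt(2));
print "hash:           $hash\n";
print "right password: ", (check_password('sludge', $hash) ? 'ok' : 'rejected'), "\n";
print "wrong password: ", (check_password('sledge', $hash) ? 'ok' : 'rejected'), "\n";

# List-form system() hands each argument to useradd directly, with no shell in
# between, so quotes or backticks in the input are never interpreted.
my @cmd = ('/usr/sbin/useradd', '-p', $hash, $username);
print "would run: @cmd\n";   # real call: system(@cmd) == 0 or die "useradd failed: $?\n";
```

With a two-character salt the system crypt(3) applies the traditional DES scheme, which uses only the first eight characters of the password.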
