On 23:34 13 Feb 2002, David Kramer <[EMAIL PROTECTED]> wrote:
| On Wed, 13 Feb 2002, Cameron Simpson wrote:
| > On 21:06 12 Feb 2002, ramzez <[EMAIL PROTECTED]> wrote:
| > |   I want to make an app in C... and I need to encrypt passwords for users of 
| > | my app and  I want to use the same method of linux (the users aren't the same 
| > | of linux)... How do I do that ??
| > 
| > You want the crypt(3) function - see "man 3 crypt".  But only use it
| > for compatibility reasons - computationally it's too weak for security -
| > you can brute force the hashes it creates these days.
| 
| Even that may not be compatible.  For instance, my Red Hat 7.0 system used
| MD5, not crypt.

It can be configured either way with the authconfig tool.

| [...]  When you call crypt, it wants the string to encrypt
| and a "salt".  The salt is sort of like a seed for a random number
| generator. [...] (you always want to use a random salt of two
| alphanumeric characters).

Actually, not just alphabetic - there is a set of 64 characters to pick from.
See:

        http://www.zip.com.au/~cs/scripts/pwcrypt

for some example perl code - the C code is very similar.

| The key to getting your head around this is that this is a one-way hash 
| algorithm, which means that you can NEVER algorithmically derive the 
| original password from the encrypted one.  You can only verify whether a 
| given password matches when crypted with the same salt.

Well, the current problem with crypt is that you _can_ algorithmically do
it these days, though in a brute force fashion. But the search space is
small enough that current commodity machines can rummage through it all
in a quite reasonable amount of time, especially since you can narrow
the search space a bit since you know the salts to use.
-- 
Cameron Simpson, DoD#743        [EMAIL PROTECTED]    http://www.zip.com.au/~cs/

I have no help to send, therefore I must go myself. - Aragorn son of Arathorn



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
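
An added example, not part of the original message and not the code at the URL above: C helpers that pick a random salt from the 64-character set and tell a traditional crypt hash from an MD5 one, recovering the salt stored in it. The names make_salt and parse_hash are hypothetical, and the "$1$" layout is assumed from the glibc crypt(3) manual page rather than from this thread.

```c
#include <stdio.h>
#include <string.h>

/* The 64 characters crypt(3) accepts in a salt. */
static const char SALT_CHARS[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

enum scheme { SCHEME_INVALID, SCHEME_DES, SCHEME_MD5 };

/* Write n random salt characters plus a NUL into out (1 <= n <= 8).
   Returns 0 on success, -1 if the random source cannot be read. */
int make_salt(char *out, size_t n)
{
    unsigned char raw[8];
    FILE *f;
    size_t i, got;
    if (n == 0 || n > sizeof raw) return -1;
    if ((f = fopen("/dev/urandom", "rb")) == NULL) return -1;
    got = fread(raw, 1, n, f);
    fclose(f);
    if (got != n) return -1;
    for (i = 0; i < n; i++)
        out[i] = SALT_CHARS[raw[i] & 63];  /* low 6 bits: uniform over 64 */
    out[n] = '\0';
    return 0;
}

/* Classify a stored hash and copy its salt into salt (at least 9 bytes).
   The salt sits in the clear at the front of the hash in both schemes. */
enum scheme parse_hash(const char *stored, char *salt)
{
    if (strncmp(stored, "$1$", 3) == 0) {      /* MD5: $1$<salt>$<22 chars> */
        const char *s = stored + 3;
        size_t n = strcspn(s, "$");
        if (n == 0 || n > 8 || s[n] != '$' || strspn(s, SALT_CHARS) != n)
            return SCHEME_INVALID;
        if (strlen(s + n + 1) != 22 || strspn(s + n + 1, SALT_CHARS) != 22)
            return SCHEME_INVALID;
        memcpy(salt, s, n);
        salt[n] = '\0';
        return SCHEME_MD5;
    }
    if (strlen(stored) == 13 && strspn(stored, SALT_CHARS) == 13) {
        memcpy(salt, stored, 2);               /* DES: first 2 chars are salt */
        salt[2] = '\0';
        return SCHEME_DES;
    }
    return SCHEME_INVALID;
}
```

To check a login, pass the whole stored hash as the second argument to crypt(3) and compare the result with the stored hash; link with -lcrypt on glibc.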
