-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi...
The perl script works fantastic; but I can't do it self in C... when try to use the crypt function, I receive the message: /tmp/cc2iFds4.o(.text+0x3e): undefined reference to `crypt' Please someone help me a lot of thanks El Mié 13 Feb 2002 23:55, escribió: > On 23:34 13 Feb 2002, David Kramer <[EMAIL PROTECTED]> wrote: > | On Wed, 13 Feb 2002, Cameron Simpson wrote: > | > On 21:06 12 Feb 2002, ramzez <[EMAIL PROTECTED]> wrote: > | > | I want to make an app in C... and I need to encript passwords for > | > | users of my app and I want to use the same method of linux (the > | > | users aren't the same of linux)... How do I do that ?? > | > > | > You want the crypt(3) function - see "man 3 crypt". But only use it > | > for compatibilty reasons - computationally it's too weak for security - > | > you can brute force the hashes it creates these days. > | > | Even that may not be compatible. For instance, my Red Hat 7.0 system > | used MD5, not crypt. > > It can be configured either was with the authconfig tool. > > | [...] When you call crypt, it wants the string to encrypt > | and a "salt". The salt is sort of like a seed for a random number > | generator. [...] (you always want to use a random salt of two > | alphanumeric characters). > > Actually, not just alphabetic - there is a set of 64 characters to pick > from. See: > > http://www.zip.com.au/~cs/scripts/pwcrypt > > for some example perl code - the C code is very similar. > > | The key to getting your head around this is that this is a one-way hash > | algorithm, which means that you can NEVER algorithmicly derive the > | original password from the encrypted one. You can only verify whether a > | given password matches when crypted with the same salt. > > Well, the current problem with crypt is that you _can_ algorithmicly do > it these days, though in a brute force fashion. But the search space is > small enough that current commodity machines can rummage through it all > in a quite reasonable amount of time, especially single you can narrow > the search space a bit since you know the salts to use. - -- Linux User Registered #232544 http://counter.li.org/ my GnuPG-key at www.keyserver.net - --- rm -rf /bin/laden --- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8bH30s4dF9gl05swRAkLPAJ4mpBHYUFTTJMefY/jqp9/AMbLu8ACbB6gn 2XzxZYqlkLw6uQafIzeNR1g= =KjoD -----END PGP SIGNATURE----- _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
