Re: [vox-tech] password question

[Micah Cowan <micah@cowMAPSanbox.com>]

On Wed, Oct 18, 2000 at 02:11:39PM -0700, Peter Jay Salzman wrote:
> ok, ok, if i did use crypt()  (and this is why i was avoiding it)...
> 
>        #include <crypt.h>
>        char *crypt(const char *key, const char *salt);
> 
> key is the plaintext password.  from the man page,
> 
>      salt  is  a  two-character  string  chosen  from  the  set
>        [a-zA-Z0-9./].  This string is used to perturb  the  algo-
>        rithm in one of 4096 different ways.
> 
> so salt is a two character string.   but scrolling down,
> 
>        If  the salt starts with $1$ an MD5 based password hashing
>        algoritm is applied. The salt should consist off $1$  fol-
>        lowed with eight characters.
> 
> so just to be clear, if i wanted old style DES encryption, i'd supply a 2
> character salt, but if i wanted md5 style encryption, i'd supply an 8
> character salt?  (and both salts are null terminated strings).
> 
> pete
> 
> 
> On Wed, 18 Oct 2000, Peter Jay Salzman wrote:
> 
> > i was hoping to avoid that...
> > 
> > pete
> > 
> > > You could just write your own - see crypt(3).
> > > 
> > > Micah
> > > 
> > > 
> > 
> > 

Actually, I guess I wasn't thinking.  My version of crypt() doesn't do
anything but DES.  If yours does MD5, kewl.

Micah