[plug] MD5 convert

Brian Tombleson brian at paradigmit.com.au
Fri Jan 11 01:02:18 WST 2002


From: "Christian" <christian at amnet.net.au>
> On Thu, Jan 10, 2002 at 09:36:31AM +0800, Anthony J. Breeds-Taurima wrote:
> > What Brian was asking was
> > "Opps I said no!  How do I now change that to yes?"

> Maybe it works like this now but it certainly never used to.  What he
> actually asked was how to make it use the MD5 crypt() to hash passwords
> when doing checking if you haven't selected to create new passwords
> using this.  He actually said that the hashes were already in existence.
> Given that the prefix of the hash identifies what sort of crypt() to
> apply, it shouldn't really matter for the purposes of authenticating
> what the system is configured to use for new passwords.  It's pretty
> stupid if it doesn't work like this now since it means passwords hashed
> by different crypt() algorithms can't coexist on the same system.

Sorry Christian, but I can't comment on the internal workings, but I'll
explain a bit more if it will help.

I had a RH6.2 box with 1500 users on it created with the MD5 hash
Hard drive crashed.
The guy on-site installed a new HDD with Debian but didn't choose "Use MD5
Passwords" at the install prompt.
Scripted an iterative "adduser" for all of the names in a backup of the
original /etc/passwd file and grab the pre-encrypted passwords from the
corresponding backup of /etc/shadow. <- At this stage, I didn't know "the
system" wasn't using MD5.
None of the new users authenticated. <- now I knew.
<Pull hair out, question on list, feedback, research, arguments, etc - not
necessarily in that order>
Appended "md5" to the password line in /etc/pam.d/login
All users (new and the few old) authenticate correctly.

Hope this clears things up :-)

- Brian.




More information about the plug mailing list