home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!utcsri!devnull
- Newsgroups: alt.hackers
- From: flaps@dgp.toronto.edu (Alan J Rosenthal)
- Subject: Re: /etc/passwords
- Message-ID: <1992Jul23.110110.15268@jarvis.csri.toronto.edu>
- References: <Brt4nI.IFw@undergrad.math.waterloo.edu>
- Date: 23 Jul 92 15:01:10 GMT
- Approved: AT&T
- Lines: 47
-
- nimouat@napier.waterloo.edu (Nikos Mouat) writes:
- >What kind of encoding scheme is used, is it RSA?
-
- no, it's des with some variant and a weird approach in that the password is
- used as the key rather than the message, or something like that. It antedates
- RSA by like two decades! I forget the details of what it is, but here's how to
- use it from C, given the C library function crypt():
-
- crypt() takes two parameters both of which are (char *)s, the first being the
- password you want to encrypt and the second being a two-character salt. The
- field in /etc/passwd is this salt concatenated with the encrypted password,
- which is the return value of crypt().
-
- The upshot is this: If p is a pointer to struct passwd from the password
- file, you do something like this:
-
- if (strcmp(crypt(typedpasswd, p->pw_passwd), p->pw_passwd))
- ... they typed the wrong passwd.
-
- That crypt() call can actually be crypt(getpass("Password:"), p->pw_passwd) if
- you want it to prompt the user. getpass() is a very cool library function
- which turns off echo, prompts the user, gets the password, outputs a newline,
- turns echo back on again.
-
- If you want to make some /etc/passwd passwd fields of your own, this is how you
- do it.
-
- char *cryptpasswd(passwd)
- char *passwd;
- {
- long salttime, time();
- char dessalt[2], *crypt();
- int i;
-
- time(&salttime);
- dessalt[0] = salttime & 63;
- dessalt[1] = (salttime >> 6) & 63;
- for (i = 0; i < 2; i++) {
- dessalt[i] += '.';
- if (dessalt[i] > '9')
- dessalt[i] += 7;
- if (dessalt[i] > 'Z')
- dessalt[i] += 6;
- }
-
- return(crypt(passwd, dessalt));
- }
-
