Re: Passwd file conversion?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> 
> Is there not a function to convert from crypt to md5 passwords,
> similar to pwconv and grpconv ? Is it even possible?
> 
>     -Thomas
>
Hi Thomas,

pwconv and grpconv do not convert the crypt hash, they move it
forom /etc/passwd to /etc/shadow, and /etc/group to /etc/gshadow.
Hashes are intended to be one way functions.  The problem with crypt
is it is not a very good one way function, as its fairy trivial to 
brute force it (how is beyond the scope of this conversation).  
This is why many are moving to md5 hashes as they are not so 
easily subject to a brute force attack.  

The bottom line, though, is that for something to be a hash
the following should not be true:

	f(x)   = y
	
	 -1
	f  (y) = x

In other words there is not an inverse function for the hash 
function that would easily yield the password from the hash.
The situation you have with the crypt hash and the md5hash
is:

	f(x) = y
	g(x) = z

That is there is no relation between the two hashes.  If there were
such a relation then I could convert an md5 hash to its equivelant
crypt hash and then get to work on it with crack...a very bad idea.

cheers...james
> 
> 
> 
> _______________________________________________
> Redhat-devel-list mailing list
> Redhat-devel-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/redhat-devel-list
> 



_______________________________________________
Redhat-devel-list mailing list
Redhat-devel-list@redhat.com
https://listman.redhat.com/mailman/listinfo/redhat-devel-list

[Index of Archives]     [Kernel Newbies]     [Red Hat General]     [Fedora]     [Red Hat Install]     [Linux Kernel Development]     [Yosemite News]

  Powered by Linux