> > Is there not a function to convert from crypt to md5 passwords, > similar to pwconv and grpconv ? Is it even possible? > > -Thomas > Hi Thomas, pwconv and grpconv do not convert the crypt hash, they move it forom /etc/passwd to /etc/shadow, and /etc/group to /etc/gshadow. Hashes are intended to be one way functions. The problem with crypt is it is not a very good one way function, as its fairy trivial to brute force it (how is beyond the scope of this conversation). This is why many are moving to md5 hashes as they are not so easily subject to a brute force attack. The bottom line, though, is that for something to be a hash the following should not be true: f(x) = y -1 f (y) = x In other words there is not an inverse function for the hash function that would easily yield the password from the hash. The situation you have with the crypt hash and the md5hash is: f(x) = y g(x) = z That is there is no relation between the two hashes. If there were such a relation then I could convert an md5 hash to its equivelant crypt hash and then get to work on it with crack...a very bad idea. cheers...james > > > > _______________________________________________ > Redhat-devel-list mailing list > Redhat-devel-list@redhat.com > https://listman.redhat.com/mailman/listinfo/redhat-devel-list > _______________________________________________ Redhat-devel-list mailing list Redhat-devel-list@redhat.com https://listman.redhat.com/mailman/listinfo/redhat-devel-list
