[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Inappropriate authentication using {md5} or {sha} ...

To: fkoenen@vonworld.com
Subject: Re: Inappropriate authentication using {md5} or {sha} ...
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 18 May 2000 19:03:19 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <200005190136.UAA03523@fw1niles.vonworld.com>

At 08:36 PM 5/18/00 -0500, Frank Koenen wrote:
>#rootpw         Secret4
>#rootpw         {CRYPT}OMIpblf7N.TuI
>#rootpw         {SHA}/UL4x0SR0Xq5L9mlddZnSm3pmG1iVw==
>rootpw          {md5}JDEkTmUkaFRPOVRSMnYwYml6aE5uZjBPQlRqLw==

Seems odd that base64 of the MD5 (128bit) hash is longer
than base64 of the SHA1 (160 hash) hash.

>$cryptedpassword = unix_md5_crypt($password, $salt);

That's obviously not simple, old MD5.  Try
	use MD5;
instead of
	use Crypt::PasswdMD5;

References:
- Inappropriate authentication using {md5} or {sha} ...
  - From: Frank Koenen <fkoenen@vonworld.com>

Prev by Date: Re: Inappropriate authentication using {md5} or {sha} ...
Next by Date: Re: Restricting access by IP
Index(es):
- Chronological
- Thread