[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: more questions regarding password hashes

To: Brandon McCombs <bmccombs@ma.rr.com>
Subject: Re: more questions regarding password hashes
From: Howard Chu <hyc@symas.com>
Date: Fri, 23 Feb 2007 00:04:06 -0800
Cc: openldap-software@openldap.org
In-reply-to: <45DE873B.6090307@ma.rr.com>
References: <45DE873B.6090307@ma.rr.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060911 Netscape/7.2 (ax) Firefox/1.5 SeaMonkey/1.5a

Brandon McCombs wrote:

I actually read the manpage this time on password-crypt-salt-format but still have some questions. It seems that only one salt format can be

One last question, if a salt is used with MD5 for example, is the password's hash prefixed with {SMD5} or is {MD5} still used?

All these hashes are confusing so I'm trying to get things clear in my head.

No. No salt is used with MD5 or SHA. The salt that is used with SMD5 or SSHA is generated randomly. The password-crypt-salt-format only applies to crypt, just as it's documented. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc Chief Architect, OpenLDAP http://www.openldap.org/project/

Follow-Ups:
- Re: more questions regarding password hashes
  - From: Brandon McCombs <bmccombs@ma.rr.com>

References:
- more questions regarding password hashes
  - From: Brandon McCombs <bmccombs@ma.rr.com>

Prev by Date: more questions regarding password hashes
Next by Date: Re: Segmentation Fault
Index(es):
- Chronological
- Thread