Javier Valencia
2/24/2005 7:32:00 PM
Chris Mueller wrote:
> Hi, I'm looking at creating md5 passwords in ruby then manually
> replacing the users pass in the /etc/shadow file. I unfortunately
> cannot use the ruby-password or ruby-termios libraries as they are not
> in the Debian-stable tree (long story).
>
> I looked in the source for ruby-password and noticed that if the salt
> supplied for crypt is $1$, the returned string is an md5 digest.
> Unfortunately this does not work
>
> crypt_pass = password.crypt("$1$as")
>
> the resulting does not have enough chars
>
> I also tried
>
> crypt_pass = Digest::MD5.hexdigest(password)
>
> This produces something a little closer to what I need, but if I
> manually replace someone's password with this string, it also does not
> work. Also, it appears to be 2 digits shorter than what /bin/passwd
> creates.
>
> I've searched high and low for a few days now, and haven't been able
> to come up with anything online.
>
> Does anybody have any ideas?
>
> -Chris
>
>
The salt is not only $1$, $1$ is used by crypt system call to say to use
MD5 instead of DES.
The salt is $1$ plus 8 bytes and an optional $ ending char, something like:
$1$abcdefgh$........................ rest of the encrypted password.
/etc/shadow have this format
try man crypt