Asp Forum - ruby-talk.com Expired?

James Gray

2/24/2005 7:10:00 PM

I use http://ruby-... style links on the Ruby Quiz site and I
just noticed that they have stopped working. Is ruby-talk.com expired?
Will it be coming back? Thanks.

James Edward Gray II

12 Answers

Chris Mueller

2/24/2005 7:28:00 PM

Hi, I'm looking at creating md5 passwords in ruby then manually
replacing the users pass in the /etc/shadow file. I unfortunately cannot
use the ruby-password or ruby-termios libraries as they are not in the
Debian-stable tree (long story).

I looked in the source for ruby-password and noticed that if the salt
supplied for crypt is $1$, the returned string is an md5 digest.
Unfortunately this does not work

crypt_pass = password.crypt("$1$as")

the resulting does not have enough chars

I also tried

crypt_pass = Digest::MD5.hexdigest(password)

This produces something a little closer to what I need, but if I
manually replace someone's password with this string, it also does not
work. Also, it appears to be 2 digits shorter than what /bin/passwd creates.

I've searched high and low for a few days now, and haven't been able to
come up with anything online.

Does anybody have any ideas?

-Chris

Javier Valencia

2/24/2005 7:32:00 PM

Chris Mueller wrote:

> Hi, I'm looking at creating md5 passwords in ruby then manually
> replacing the users pass in the /etc/shadow file. I unfortunately
> cannot use the ruby-password or ruby-termios libraries as they are not
> in the Debian-stable tree (long story).
>
> I looked in the source for ruby-password and noticed that if the salt
> supplied for crypt is $1$, the returned string is an md5 digest.
> Unfortunately this does not work
>
> crypt_pass = password.crypt("$1$as")
>
> the resulting does not have enough chars
>
> I also tried
>
> crypt_pass = Digest::MD5.hexdigest(password)
>
> This produces something a little closer to what I need, but if I
> manually replace someone's password with this string, it also does not
> work. Also, it appears to be 2 digits shorter than what /bin/passwd
> creates.
>
> I've searched high and low for a few days now, and haven't been able
> to come up with anything online.
>
> Does anybody have any ideas?
>
> -Chris
>
>
The salt is not only $1$, $1$ is used by crypt system call to say to use
MD5 instead of DES.
The salt is $1$ plus 8 bytes and an optional $ ending char, something like:

$1$abcdefgh$........................ rest of the encrypted password.

/etc/shadow have this format
try man crypt

Alan Garrison

2/24/2005 7:35:00 PM

James Edward Gray II wrote:

> I use http://ruby-... style links on the Ruby Quiz site and I
> just noticed that they have stopped working. Is ruby-talk.com
> expired? Will it be coming back? Thanks.
>
> James Edward Gray II
>
>
>

whois ruby-talk.com

[...]

Creation date: 21 Feb 2001 18:47:14
Expiration date: 21 Feb 2005 18:47:14

Would appear so.

--
Alan Garrison
Cronosys, LLC <http://www.cronos...
Phone: 216-221-4600 ext 308

Chad Fowler

2/24/2005 8:00:00 PM

On Fri, 25 Feb 2005 04:09:42 +0900, James Edward Gray II
<james@grayproductions.net> wrote:
> I use http://ruby-... style links on the Ruby Quiz site and I
> just noticed that they have stopped working. Is ruby-talk.com expired?
> Will it be coming back? Thanks.
>
> James Edward Gray II
>
>

My apologies. I should have announced this. Use ruby-talk.org and
everything should work as it used to. We chose not to renew all of
the redundant domains we had.

--

Chad Fowler
http://chad...
http://rubyc...
http://ruby...
http://rubygems.rub... (over 100,000 gems served!)

Ryan Davis

2/24/2005 8:21:00 PM

STOP! STOP creating new threads by hitting reply to an existing message
and changing the subject!

Curt Hibbs

2/24/2005 8:56:00 PM

Chad Fowler wrote:

[snipped all content]

> Chad Fowler
> http://chad...
> http://rubyc...
> http://ruby...
> http://rubygems.rub... (over 100,000 gems served!)

Hey... I like this!

We need to have a public celebration when at each order of magnitude! I'm
rooting for 1 million by the end of the year!

Curt

Ian Macdonald

2/24/2005 10:44:00 PM

On Fri 25 Feb 2005 at 04:28:17 +0900, Chris Mueller wrote:

> Hi, I'm looking at creating md5 passwords in ruby then manually
> replacing the users pass in the /etc/shadow file. I unfortunately cannot
> use the ruby-password or ruby-termios libraries as they are not in the
> Debian-stable tree (long story).
>
> I looked in the source for ruby-password and noticed that if the salt
> supplied for crypt is $1$, the returned string is an md5 digest.
> Unfortunately this does not work
>
> crypt_pass = password.crypt("$1$as")
>
> the resulting does not have enough chars

Can you show me your output?

It works for me:

[ianmacd@foobar]$ irb
irb(main):001:0> require 'password'
=> true
irb(main):002:0> "foo".crypt('$1$abcdefgh')
=> "$1$abcdefgh$XxzGe9Muun7wTYbZO4sdr0"

A smaller salt works, too:

irb(main):003:0> "foo".crypt('$1$ab')
=> "$1$ab$KdoFYgkGJOZ629oOkVUuD."

Ian
--
Ian Macdonald | Learn from other people's mistakes, you
System Administrator | don't have time to make your own.
ian@caliban.org |
http://www.c... |
|

Thomas E Enebo

2/24/2005 10:47:00 PM

On Fri, 25 Feb 2005, Ian Macdonald defenestrated me:
>
> Can you show me your output?
>
> It works for me:
>
> [ianmacd@foobar]$ irb
> irb(main):001:0> require 'password'
> => true
> irb(main):002:0> "foo".crypt('$1$abcdefgh')
> => "$1$abcdefgh$XxzGe9Muun7wTYbZO4sdr0"
>
> A smaller salt works, too:
>
> irb(main):003:0> "foo".crypt('$1$ab')
> => "$1$ab$KdoFYgkGJOZ629oOkVUuD."

Should they both output the same length digest (128 bit)?
Your second one looks a little short...

-Tom

--
+ http://www.tc.umn.... +---- mailto:enebo@acm.org ----+
| Thomas E Enebo, Protagonist | "A word is worth a thousand |
| | pictures" -Bruce Tognazzini |

Thomas E Enebo

2/24/2005 10:49:00 PM

On Fri, 25 Feb 2005, Thomas E Enebo defenestrated me:

> On Fri, 25 Feb 2005, Ian Macdonald defenestrated me:
> >
> > Can you show me your output?
> >
> > It works for me:
> >
> > [ianmacd@foobar]$ irb
> > irb(main):001:0> require 'password'
> > => true
> > irb(main):002:0> "foo".crypt('$1$abcdefgh')
> > => "$1$abcdefgh$XxzGe9Muun7wTYbZO4sdr0"
> >
> > A smaller salt works, too:
> >
> > irb(main):003:0> "foo".crypt('$1$ab')
> > => "$1$ab$KdoFYgkGJOZ629oOkVUuD."
>
> Should they both output the same length digest (128 bit)?
> Your second one looks a little short...

Whoops I just noticed this is prepending the salt :)
Nevermind....

-Tom

--
+ http://www.tc.umn.... +---- mailto:enebo@acm.org ----+
| Thomas E Enebo, Protagonist | "A word is worth a thousand |
| | pictures" -Bruce Tognazzini |

Alexander Kellett

2/25/2005 9:40:00 AM

On Feb 24, 2005, at 9:21 PM, Ryan Davis wrote:
> STOP! STOP creating new threads by hitting reply to an existing
> message and changing the subject!

tells you a lot about the quality of the mail clients most
people here use. a good client not only has a good auto inserting
addressbook making mails to the mailing list easy, but also probably
has useful completion for To: addresses, and on this particular
client i just client on the To: in a message itself and click
"new message", difficult huh? wtf is wrong with oss clients?
actually a more appropriate question would be.
why do people use such LAME clients??
</rant>

Alex

comp.lang.ruby

ruby-talk.com Expired?

James Gray

Chris Mueller

Javier Valencia

Alan Garrison

Chad Fowler

Ryan Davis

Curt Hibbs

Ian Macdonald

Thomas E Enebo

Thomas E Enebo

Alexander Kellett

x Login to ForumsZone