Pass-phrases vs. passwords
Danilo Piazzalunga
danilopiazza at libero.it
Tue Feb 15 17:32:59 UTC 2005
Eric Dunbar wrote:
> PS FM(y)I What is the password length for *nix systems using the
> different (& most common) types of authentication?
Local passwords allow a maximum of 127 characters (bytes). The relevant lines
from src/passwd.c, shadow source package:
    if (getdef_bool ("MD5_CRYPT_ENAB"))
        pass_max_len = 127;
The password is encrypted using an MD5-based algorithm, as crypt(3) reveals. A
"salt" (random key) is used to perturb the algorithm, so that the result of
crypt(password,salt) changes even if the password is the same.
Here is an example entry from /etc/shadow(*). I chose the '*' character as
password; your result won't be the same, because of the different salt.
root:$1$J7IPJMEa$otvIGcopuj/gwBatO9UPc0:12829:0:99999:7:::
     [a][  b   ] [         c          ]
Legend:
[a] $1$ indicates that MD5 encryption is used.
[b] An eight-character representation of the salt. The dollar character is used as
field delimiter, and is not part of the key.
[c] The encrypted password, resulting from crypt(password,salt). When you
enter the password, the crypt() function is called again (using the salt
value from [b]) and the result is compared with this field.
(*) don't worry, I locked my root account again after the tests :-)
*
* Final note: Should you decide to experiment with "dummy" passwords,
* remember to lock the root account afterwards (sudo passwd -l root).
*
--
Danilo Piazzalunga +--------------------+
PGP Key available at subkeys.pgp.net | Linux User #245762 |
Fingerprint: D018 815E 8C7F 2AE2 5565 | ICQ #105550412 |
0C36 B5F6 DB20 B800 CB9F +--------------------+