MD5 crypting
Brian McKee
brian.mckee at gmail.com
Fri May 1 13:29:33 UTC 2009
On Fri, May 1, 2009 at 1:27 AM, Preston Kutzner <shizzlecash at gmail.com> wrote:
> The hashes are different each time it's run because md5-hashed
> passwords (just like crypted passwords) use a randomly generated salt
> each time. The salt for an MD5-hashed password comes from a specific
> character set and is 8 characters in length.
>
>>
>> Is there a salt in there somewhere? If so, how does grub know what
>> the salt is?
>
> You can find the salt of an md5-hashed password just by looking at
> it. Here's an example password:
>
> $1$S2DicXTU$gDrqCB/13hPrU/gdnCvZC1
>
> The dollar-signs '$' are field delimiters in the hashed password. The
> '1' after the first '$' denotes that this is an md5-hashed password.
> Everything between the 2nd and 3rd '$' is the salt, in this case
> 'S2DicXTU'. Everything after the 3rd '$' is the hashed value of the
> combination of the salt and the plain-text password.
> When grub or pam checks your passphrase, it doesn't actually decrypt
> the hash and check your entered password against the decrypted one, it
> just re-hashes the password you entered, using the same salt and
> compares the results. If they match, it means you entered the correct
> password, if not, obviously you didn't.
> You can also get one using openssl as follows:
> $ echo -n "password" | openssl passwd -1 -stdin
Thanks very much! I didn't realize the plain text of the salt was right there.
Add that to your clear instructions and it makes perfect sense.
Just to show I'm paying attention...using the highly secure password
string 'password'
==> grub-md5-crypt
Password:
Retype password:
$1$FtGQ0/$DVkLCAW6nkHiWnmB3A9fw.
==> openssl passwd -1 -salt FtGQ0/
Password:
$1$FtGQ0/$DVkLCAW6nkHiWnmB3A9fw.
And what do you know - they match!
Now I got it.
Thanks again!
Brian
--
All you need to know about Ubuntu 9.04 Jaunty
-> gconftool -s --type bool /apps/update-notifier/auto_launch false
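
The check described in this thread (read the salt out of the stored string, re-hash the entered password with it, compare) written out as an added example; it is not part of the original messages. The function names are hypothetical, and md5_crypt is a reimplementation of the $1$ scheme using only hashlib, assumed to match what grub-md5-crypt and openssl passwd -1 compute. The hash in the trailing comment is the one Brian posted above.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def parse_md5_crypt(stored):
    """Split '$1$salt$digest' into (salt, digest); reject other formats."""
    parts = stored.split("$")
    if len(parts) != 4 or parts[0] != "" or parts[1] != "1":
        raise ValueError("not an md5-crypt ($1$) hash")
    salt, digest = parts[2], parts[3]
    if not 0 < len(salt) <= 8 or len(digest) != 22:
        raise ValueError("malformed salt or digest field")
    return salt, digest

def _to64(value, count):
    """Emit `count` characters of 6 bits each, least significant first."""
    out = ""
    for _ in range(count):
        out += ITOA64[value & 0x3F]
        value >>= 6
    return out

def md5_crypt(password, salt):
    """Recompute the full '$1$salt$digest' string for a password and salt."""
    pw, sl = password.encode(), salt.encode()
    alt = hashlib.md5(pw + sl + pw).digest()
    ctx = pw + b"$1$" + sl
    ctx += (alt * (len(pw) // 16 + 1))[:len(pw)]
    n = len(pw)
    while n:  # one byte per bit of the password length
        ctx += b"\x00" if n & 1 else pw[:1]
        n >>= 1
    final = hashlib.md5(ctx).digest()
    for i in range(1000):  # fixed stretching loop of the $1$ scheme
        block = pw if i & 1 else final
        if i % 3: block += sl
        if i % 7: block += pw
        block += final if i & 1 else pw
        final = hashlib.md5(block).digest()
    out = ""
    for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
        out += _to64(final[a] << 16 | final[b] << 8 | final[c], 4)
    return "$1$" + salt + "$" + out + _to64(final[11], 2)

def verify(password, stored):
    """Re-hash with the stored salt and compare; nothing is decrypted."""
    salt, _ = parse_md5_crypt(stored)
    return hmac.compare_digest(md5_crypt(password, salt).encode(), stored.encode())
# verify("password", "$1$FtGQ0/$DVkLCAW6nkHiWnmB3A9fw.") returns True
```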