matthias at winterdrache.de
Thu Jan 17 12:59:44 PST 2002
On 17 Jan 2002, at 11:27, Bruce Dubbs wrote:
> Matthias Benkmann wrote:
> > On 17 Jan 2002, at 10:47, Bruce Dubbs wrote:
> >>password? If you were cracking passwords a lot, you could just generate
> >>all combinations up to a certain length on a large hard disk and do a
> >>binary search on the digest and get any of those PWs in less than a
> > To prevent this, a so-called salt is used. You do not only encrypt the
> This is true over the net with such programs as ssh in negotiating
> session passwords, but is it also true with a console logon?
man crypt gives
char *crypt(const char *key, const char *salt);
so the standard crypt() function uses a salt.
I don't see
> how the system would know what salt to apply--it would have to be saved
It's saved in /etc/passwd along with the encrypted password.
Why is TV called a medium?
Because it's neither rare nor well done.
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message
More information about the lfs-security