3

I'm trying to mimic the creation of password strings as they appear in /etc/shadow.

This is what I've got so far, but the encrypted passwords don't match when I use the same password and the same salt.

5000 rounds is standard for crypt, so I used that as well, but I don't see where exactly I made a mistake:

I'm doing this in Perl; this is the relevant portion:

($pass, $salt) = @ARGV;

unless(defined($salt)) {
    $salt = MIME::Base64::encode(random_bytes(12), '');
}

for $i (1 .. 4999) {
    $pass = Digest::SHA::sha512($salt, $pass);
}

say "";

print '$6$', $salt, '$', Digest::SHA::sha512_base64($salt, $pass), "\$\n";
4

2 Answers

2

The crypt algorithm involves a lot more than just re-hashing 5,000 times:

Answered 2010-09-24T11:32:45.377
1
perl -e 'print crypt("qwerty", "\$6\$somesalt\$")'
Answered 2011-12-28T07:39:16.213
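
What the first answer means by "a lot more", as an added example that is not part of either answer: the SHA-512 crypt steps from Ulrich Drepper's SHA-crypt specification, written out with Digest::SHA. The helper names (`sha512_crypt`, `stretch`, `b64`) are this example's own, and the password and salt are assumed to be byte strings.

```perl
# Added example (not from the original post); helper names are this example's own.
use strict;
use warnings;
use Digest::SHA qw(sha512);
my @B64 = ('.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z');   # crypt alphabet, not MIME base64
# Repeat a 64-byte digest until it is exactly $len bytes long.
sub stretch { my ($d, $len) = @_; return substr($d x (int($len / 64) + 1), 0, $len) }
# Emit $n characters from the word $w, low six bits first.
sub b64 { my ($w, $n) = @_; my $s = ''; for (1 .. $n) { $s .= $B64[$w & 63]; $w >>= 6 } return $s }

sub sha512_crypt {
    my ($pass, $salt, $rounds) = @_;                    # byte strings; $rounds is optional
    my $prefix = defined $rounds ? "\$6\$rounds=$rounds\$" : '$6$';
    $rounds //= 5000;
    $salt = substr($salt, 0, 16);                       # at most 16 salt characters are used
    my $plen = length $pass;

    # Digest B = H(pass, salt, pass). Digest A mixes B in by password length and its bits.
    my $db  = sha512($pass, $salt, $pass);
    my $msg = $pass . $salt . stretch($db, $plen);
    for (my $n = $plen; $n > 0; $n >>= 1) { $msg .= ($n & 1) ? $db : $pass }
    my $da = sha512($msg);

    # P and S are byte sequences derived from the password and the salt.
    my $p = stretch(sha512($pass x $plen), $plen);
    my $s = stretch(sha512($salt x (16 + ord($da))), length $salt);
    # Each round hashes a different arrangement of the previous digest, P and S.
    for my $i (0 .. $rounds - 1) {
        my $c = ($i & 1) ? $p : $da;
        $c .= $s if $i % 3;
        $c .= $p if $i % 7;
        $c .= ($i & 1) ? $da : $p;
        $da = sha512($c);
    }

    # The output takes the digest bytes in a permuted order, three at a time.
    my @d = unpack 'C*', $da;
    my $out = '';
    for my $k (0 .. 20) {
        my @t = ($k, $k + 21, $k + 42);
        push @t, shift @t for 1 .. $k % 3;
        $out .= b64(($d[$t[0]] << 16) | ($d[$t[1]] << 8) | $d[$t[2]], 4);
    }
    return $prefix . $salt . '$' . $out . b64($d[63], 2);
}

# Compare with a test vector from Ulrich Drepper's SHA-crypt specification.
my $want = '$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1';
my $got  = sha512_crypt('Hello world!', 'saltstring');
print "$got\n", ($got eq $want ? 'matches' : 'DIFFERS FROM'), " the specification vector\n";
```

For real use, call the built-in `crypt` as the second answer does; this walk-through is for seeing why the loop in the question produces a different string.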