Displaying 20 results from an estimated 1121 matches for "salt".
Did you mean:
halt
2010 Feb 14
3
salted passwords
The idea of salted hash algorithms is to generate a different hash
even if the same text is entered. That can be easily seen with dovecotpw:
using NON-salted SHA256, same hash is generated for a given password
[root at correio ~]# dovecotpw -s SHA256 -p 123
{SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eie...
2006 Apr 14
7
SHA2 Issues
Hello all,
Thank you in advance for your help with this. I am trying to implement
the user authentication method from Ruby Recipes which calls for the use
of SHA 2. Here is the code for the password:
def password=(pass)
salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp
self.password_salt, self.password_hash = salt,
Digest::SHA256.hexdigest(pass + salt)
end
I open a console and can create a user but when I try to add a password
it says that the constant 256 is not initialized. I have changed t...
2016 Jul 21
4
Openssh use enumeration
...people add passwords to root, though I do like
> root since the account is always there,
Since committing that diff I've heard of people running in production
with no root password (ie *LK*, !! or similar).
It's about the same amount of code to search for the first account with
a valid salt, which would avoid this problem in the case where the root
account doesn't have a real password.
djm: what do you think?
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
index 8913bb8..5385243 100644
--- a/openbsd-compat/xcrypt.c
+++ b/openbsd-compat/xcrypt.c
@@ -78,14 +78,18 @@...
2015 Jan 21
1
Kickstarting several *different* setups
On Tue, January 20, 2015 18:37, Les Mikesell wrote:
>
> There's also saltstack which is one of the newer of the bunch. It has
> some chance of working reasonably across different platforms. How
> you feel about it will probably depend on how you feel about python in
> general - and how you expect upgrades to go in the future.
>
Is this what you are talkin...
2011 Aug 07
1
SQL passdb lookups not working
Hello everyone,
I'm trying to make dovecot do user authentication against a SQL
database. The passwords (managed by Django) are stored as salted SHA1
encoded in hex. I monkey patched Django's password method so that the
password hash is made with <password><salt> (Django does
<salt><password>, the patched method was verified to return same value
as dovecotpw) and the passwords are stored in the database se...
2010 May 10
6
de-crypting Ruby password with php.
Hello all, I have a client with an older Rails 1.8 app (was recently
upgraded from 1.6) and I need to integrate a php site to use the same
user login creds.
I''m not very versed with Ruby but I think this is the code that
encrypts the password.
[code]
# Encrypts some data with the salt.
def self.encrypt(password, salt)
Digest::SHA1.hexdigest("--#{salt}--#{password}--")
end
# Encrypts the password with the user salt
def encrypt(password)
self.class.encrypt(password, salt)
end[/code]
So.... I have full db access so I have the encrypted passwords and
th...
2010 Jan 18
3
The role of self and :: within a method of a model
...ke in the code below.
Also in the code below, you see :: located in the method. Isn''t that used
for modules and namespaces? If so, why is it located in the method here.
These two things are preventing me from comprehending the below code:
def hash_new_password
# First reset the salt to a new random string. You could choose a
# longer string here but for a salt, 8 bytes of randomness is probably
# fine. Note this uses SecureRandom which will use your platform''s
secure
# random number generator.
self.salt = ActiveSupport::SecureRandom.base64(8)...
2012 Oct 02
2
[PATCH] Add SCRAM-SHA-1 password scheme
...babelmonkeys.de>
*
* This software is released under the MIT license.
*/
+#include <stdlib.h>
+
#include "auth-common.h"
#include "base64.h"
#include "buffer.h"
@@ -29,45 +31,22 @@
/* sent: */
const char *server_first_message;
- unsigned char salt[16];
- unsigned char salted_password[SHA1_RESULTLEN];
+ const char *snonce;
/* received: */
const char *gs2_cbind_flag;
const char *cnonce;
- const char *snonce;
const char *client_first_message_bare;
const char *client_final_message_without_proof;
buffer_t *proof;
+
+ /* stored */
+...
2017 Oct 27
3
Password encription
Aki Tuomi wrote:
> The use of salt, today, is to prevent the attacker from directly seeing
> who has same passwords. Of course it also will make a rainbow table
> attack less useful,
Not just less useful, but almost infeasible. Given the use of random
salts, you would have to generate (number of possible salts) rainbow
table...
2003 Sep 15
1
md5 salt
Hi,
I was looking at the crypt(3) manpage, and I'm having a hard time figuring
out what the allowed characters are for the salt in md5 and blowfish
encryption. For DES, it clearly states that only numbers, letters and
digits may be used.
Does anyone know the rules for md5/blowfish salt characters?
Thanks,
Charles
--
Charles Sprickman
spork@inch.com
2009 Nov 09
4
Decrypt a admin password (with salt)
Hello,
I want decrypt a password which is encrypted by MD5.
there are 4 functions which i am using :
# Encrypts some data with the salt.
def self.encrypt(password, salt)
Digest::SHA1.hexdigest("--#{salt}--#{password}--")
end
# Encrypts the password with the user salt
def encrypt(password)
self.class.encrypt(password, salt)
end
def authenticated?(password)
crypted_password = encrypt(password)
en...
2004 Aug 06
0
one more try..
...s with it.
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifndef lint
static char rcsid[] = "@(#)$Id: mkpasswd.c,v 1.1.1.1 1999/03/05 22:40:55
barath Exp $";
#endif
extern char *getpass();
int main(argc, argv)
int argc;
char *argv[];
{
static char saltChars[] =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
char salt[3];
char * plaintext;
int i;
if (argc < 2) {
srandom(time(0)); /* may not be the BEST salt, but its close */
salt[0] = saltChars[random() % 64];
salt[1] = saltChars[random() % 6...
2017 Jan 11
2
Dovecot and MariaDB/MySQL
...nt.
I already have it working, following the instructions at
https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mysql-on-centos-5/
- those instructions also work in CentOS 7 with the latest Dovecot - but
there is something that really bothers me.
It makes no provision for salting the password before the crypt function.
What I would like to do is when creating a new account, use /dev/urandom
to generate a random salt for the account that is stuck in the database
along with the account and used when validating the password.
That way in the event of a SQL injection atta...
2005 Oct 20
2
Salted Login Generator Installation
Hi,
I am trying to install the salted login generator from
rubygems. I have version 0.13.1 of rails installed.
When I try to install the salted login generator (gem
install salted_login_generator) it asks:
Install required dependency rails?
If I select yes it says:
RubyGem version error: rails(0.11.1 not >= 0.13.1)
and fails...
2016 Oct 08
3
LLVM Social in Salt Lake City, UT (Nov. 14th)?
Hi everyone,
On Monday, November 14, 2016 the LLVM in HPC workshop will be held in Salt Lake City, Utah (in conjunction with the SC16 conference). For last year's workshop, which was in Austin, we held an LLVM social the evening of the workshop, and I think that turned out really well. If you'll be in Salt Lake City and are interested in attending an LLVM social on the evening...
2013 Apr 16
1
SSHA512 auth not working
I'm trying to configure SSHA512 passwords and when testing discovered
that they were not working as expected.
At first i was using Centos 6.4 which doesn't have the glibc CRYPT
newest functions ($6$salt$pass) so had to rollback to the Dovecot format
({SSHA512.HEX}saltedpassword+salt ) but I'm unable to let dovecot
authenticate properly.
Some logs and details:
Apr 16 02:55:37 auth: Debug: client in: AUTH 1 PLAIN
service=imap lip=xxx rip=xxx lport=143 rport=58171...
2007 Feb 24
1
Bigcrypt password patch
...ode is based on published
+ * interfaces and reasonable guesswork.
+ *
+ * Description: The cleartext is divided into blocks of SEGMENT_SIZE=8
+ * characters or less. Each block is encrypted using the standard UNIX
+ * libc crypt function. The result of the encryption for one block
+ * provides the salt for the suceeding block.
+ *
+ * Restrictions: The buffer used to hold the encrypted result is
+ * statically allocated. (see MAX_PASS_LEN below). This is necessary,
+ * as the returned pointer points to "static data that are overwritten
+ * by each call", (XPG3: XSI System Interface + H...
2012 Mar 21
0
Kerberos failed password not working
...ticket life: 0 days 10:00:00
Maximum renewable life: 0 days 20:00:00
Last modified: Fri Mar 16 14:29:33 EDT 2012 (root/admin at TESTKDC)
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 6
Key: vno 1, aes256-cts-hmac-sha1-96, no salt
Key: vno 1, aes128-cts-hmac-sha1-96, no salt
Key: vno 1, des3-cbc-sha1, no salt
Key: vno 1, arcfour-hmac, no salt
Key: vno 1, des-hmac-sha1, no salt
Key: vno 1, des-cbc-md5, no salt
MKey: vno 1
Attributes:
Policy: NewUser
[root at hpctest-krb2 ~]# kinit testuser
Password for testuser at TESTKDC:
ki...
2016 Jul 21
3
Openssh use enumeration
...2:31 PM, Selphie Keller
<selphie.keller at gmail.com> wrote:
> Ahh i see, just got up to speed on the issue, so seems like the issue is
> related to blowfish being faster then sha family hashing for longer length
> passwords,
or the system's crypt() not understanding $2a$ -style salts, which
most glibcs don't. On those, crypt fails immediately due to invalid
salt.
> so there is a time lag difference between the blowfish internal
> hash and the sha family hash, though this could be tricky to fix since some
> systems may still use blowfish based hashing and changin...
2018 May 21
2
split brain? but where?
Hi,
I seem to have a split brain issue, but I cannot figure out where this is
and what it is, can someone help me pls, I cant find what to fix here.
==========
root at salt-001:~# salt gluster* cmd.run 'df -h'
glusterp2.graywitch.co.nz:
Filesystem Size Used
Avail Use% Mounted on
/dev/mapper/centos-root 19G 3.4G
16G 19% /
devtmpfs...