*BSD News Article 38903



Path: sserve!newshost.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!lll-winken.llnl.gov!sol.ctr.columbia.edu!startide.ctr.columbia.edu!wpaul
From: wpaul@ctr.columbia.edu (Bill Paul)
Newsgroups: comp.os.386bsd.questions
Subject: Re: Crypting passwords...
Date: 26 Nov 1994 17:54:56 GMT
Organization: Columbia University Center for Telecommunications Research
Lines: 70
Message-ID: <3b7spg$qtu@sol.ctr.columbia.edu>
References: <3b7mqb$l2d@sundog.tiac.net>
NNTP-Posting-Host: startide.ctr.columbia.edu
X-Newsreader: TIN [version 1.2 PL2]

Daring to challenge the will of the almighty Leviam00se, Brian McGovern (mcgovern@spoon.beta.com) had the courage to say:
: I've been having an interesting problem under FreeBSD 1.1.5.1 trying to
: crypt passwords. After mulling through the code for passwd, it looks
: like the way passwords are encrypted is something like this:

: crypted_password = crypt(ClearTextPassword, ClearTextPassword);

No, not quite. It's more like this:

crypted_password = crypt(ClearTextPassword, TwoCharacterSalt);

If you check /etc/master.passwd, you'll see that each password is 13
characters long. The first 2 are not really generated by crypt(): they're
what's called the salt. See, here's the deal: the crypt() algorithm,
while (supposedly) impossible to reverse, is not random. If I ask it
to encrypt the word "spam" several times, it would generate the same
ciphertext each time. This means, among other things, that if I set my
password to "spam," then changed it to "the_larch" because I thought
someone might have cracked it, and *then* set it back to "spam" again
because I thought it was safe to use it again, it would be possible
to tell just by looking at the ciphertext in the password file that I
had switched back to my old password.

In order to prevent this, the passwd program generates a random 2
character salt string which is used to further perturb the ciphertext.
The characters it chooses are different each time, so you can enter
the same password several times, and each time you get different
ciphertext. The salt is then prepended to the 11 character ciphertext
string and stored in the password file.

When authentication programs like /usr/bin/login or su need to check
a password, they extract the salt stored in the password file, then
use that to encrypt the password typed in by the user. If the resulting
ciphertext matches that in the password file, then the user is
authenticated, otherwise he gets the razz.

You can check the crypt(3) man page for how to use the crypt() function in
your programs. Experiment with it a couple of times before you put your
code into production. Note that I don't think you'll be able to actually
read valid passwords out of the user database in FreeBSD unless you're
root. I haven't actually sat down to write a program to confirm this,
but the master.passwd and spwd.db files are readable and writable only
by root, so I'd be very surprised if a non-privileged user was able to
extract information from them without a setuid-root program. (NIS password
maps notwithstanding, of course.)

Also, you posted a second message asking where to find documentation on
all the FreeBSD 2.0 kernel configuration options. Well, unfortunately,
there doesn't seem to be a lot of really good documentation in that area
in 2.0. One good place to look is /usr/src/sys/i386/conf/LINT, which is
a monster sample config file with all the available options turned
on. You could also check under /usr/share/FAQ, though I don't remember
seeing anything too helpful in there. FreeBSD 1.1.5[.1] had a
/usr/src/sys/doc/options.doc file that was very helpful, but it seems
we might have to wait until 2.1 for it to come back. You can try looking
at the man pages for various individual device drivers for some
configuration info too. Unfortunately, some things are just not documented
at all, like the fact that 'config [kernelname] swap generic' is legal
but doesn't work because /usr/src/sys/i386/i386/swapgeneric.c is busted.
(I'm hoping to fix this myself unless somebody beats me to it.) Just
keep your eyes open and don't make any sudden moves, and you'll be okay. :)


: 	Thankx.
: 		Brian


--
-Bill Paul
wpaul@ctr.columbia.edu
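The salt-and-verify flow the post describes (passwd picking a random two-character salt, login/su re-encrypting the typed password with the salt taken from the stored field), as an added example that is not part of the original post. PBKDF2-HMAC-SHA256 stands in for the DES-based crypt(3), so the stored strings are longer than 13 characters, but the salt handling is the same; the function names `crypt_like`, `set_password`, `check_password` and `reused_old_password` are chosen here, not taken from FreeBSD.

```python
import hashlib
import hmac
import secrets

# The 64 characters crypt(3) accepts in a salt; passwd(1) picks two at random.
SALT_CHARS = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def gen_salt() -> str:
    """Fresh two-character salt, chosen the way passwd(1) does before calling crypt()."""
    return "".join(secrets.choice(SALT_CHARS) for _ in range(2))


def crypt_like(password: str, salt: str) -> str:
    """Stand-in for crypt(3). Assumption: PBKDF2-HMAC-SHA256 replaces the DES-based
    transform, so the result is longer than the 13 characters in master.passwd.
    Deterministic for a given (password, salt); the salt is prepended so a
    verifier can recover it from the stored string, as with real crypt() output."""
    salt = salt[:2]
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 10_000)
    return salt + digest.hex()


def set_password(password: str) -> str:
    """What passwd does: a new random salt each time, so two users (or one user
    going back to an old password) with the same password get different ciphertext."""
    return crypt_like(password, gen_salt())


def check_password(stored: str, attempt: str) -> bool:
    """What login/su do: take the salt from the stored field, encrypt the typed
    password with that same salt, and compare. A constant-time compare avoids
    leaking how many leading characters matched."""
    salt = stored[:2]
    return hmac.compare_digest(crypt_like(attempt, salt), stored)


def reused_old_password(old_stored: str, new_password: str) -> bool:
    """With a salt, the ciphertext alone no longer reveals that a user switched
    back to an old password; a history check must recompute with the old salt."""
    return check_password(old_stored, new_password)


if __name__ == "__main__":
    # Constructed example: two accounts that happen to choose the same password.
    db = {"alice": set_password("spam"), "bob": set_password("spam")}
    print("alice:", db["alice"])
    print("bob:  ", db["bob"])
    print("identical on disk:", db["alice"] == db["bob"])  # almost certainly False
    print("alice logs in with 'spam':", check_password(db["alice"], "spam"))  # True
    print("alice logs in with 'the_larch':", check_password(db["alice"], "the_larch"))  # False
```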