[389-users] SSHA and friends
Brandon G
bjg at solv.com
Wed Sep 22 19:26:32 UTC 2010
Rich Megginson wrote:
> 389 does support MD5 and Salted (SMD5) hashes, specifically for
> migration purposes. What format does $1$xxxx use?
>
It has been used in unix for some time now. $1$SEED$HASH is MD5;
depending upon what OS you use the number differs in the hash. Years
ago I rewrote crypt for FreeBSD to use $3$ for SHA1. I know Redhat is
now using $6$ for a form of SHA, I don't know which one.
>> Where is the Seed in SSHA?
>>
> At the end.
>
>> Is it a fixed length?
>>
> Yes, 8 bytes.
>
> But note that you cannot convert MD5 to (S)SHA.
Where is the standard that defines what the hash format is for the
various {types} ?
This is basically to make migration easier, if I could reformat a
"$1$seed$hash" into "{SMD5}hashseed"? and stuff it into userPassword,
the users have no disruption.
-Brandon
More information about the 389-users
mailing list