Gentoo Archives: gentoo-security

From: Sebastian Siewior <gentoo-security@×××××××××××××.cc>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] PAM/passwd? and hash tables
Date: Tue, 15 Nov 2005 13:43:05
Message-Id: 20051115133532.GD7534@Chamillionaire.breakpoint.cc
In Reply to: [gentoo-security] PAM/passwd? and hash tables by Stuart Howard
* Stuart Howard | 2005-11-15 13:03:48 [+0000]:

>Hi
Hi,
>My specific question is this - What method/cryptography is used to >create the passwd hash under PAM ie. is it vunerable to rainbow type >hash tables.
MD5 or SHA1 with "salt" and therefore it is _not_.
>PAM that generates the hash of my chosen password?
Almost. It is done by one of pam's module. Look in /etc/pam.d
>Does the "NBS DES algorithm" come under the "salt" method? and is it
The salt method is not algorithm specific. Emerge john and let it run on your local passwords and you will know what it is :) As far I remember the DES version was with salt, too (I have no clue what NBS stands for).
>regards > >stuart
-- regards Sebastian Siewior -- gentoo-security@g.o mailing list