[j-nsp] Decode $9$ encrypted Junos secrets
Chris Cappuccio
chris at nmedia.net
Tue Mar 20 19:16:00 EDT 2012
For one-way hash:
http://www.openwall.com/john/
Matt Hite [lists at beatmixed.com] wrote:
> On Tue, Mar 20, 2012 at 10:54 AM, Phil Shafer <phil at juniper.net> wrote:
> > Matt Hite writes:
> >>It's interesting to note just how many things are stored in $9$
> >>encrypted format: RADIUS secrets, IS-IS authentication keys, BGP MD5
> >>secrets, etc.
> >
> > It's really obfuscation, not encryption. ?These are values that
> > have to be available in raw form to various software components.
> > So we have this "unreadable" type that obfuscates the values so
> > someone looking over your shoulder won't immediately know your
> > secrets.
> >
> > In contrast, user passwords are encrypted in a "one way" method
> > using the normal md5 hash marker ("$1$"). ? These cannot be
> > reversed like the $9$ values.
>
> Absolutely. Your clarification is appreciated.
>
> -M
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
--
The language of the totalist environment is characterized by the thought-terminating cliche. The most far-reaching and complex of human problems are compressed into brief, highly reductive, definitive-sounding phrases, easily memorized and easily expressed. These become the start and finish of any ideological analysis. - Robert Jay Lifton
More information about the juniper-nsp
mailing list