[j-nsp] Format of SHA1 Passwords

Chris Morrow morrowc at ops-netman.net
Tue Dec 3 12:05:47 EST 2013

On 12/03/2013 11:46 AM, Chip Marshall wrote:
> On 2013-12-03, Chris Morrow <morrowc at ops-netman.net> sent:
>>> I get things like "$sha1$19418$aoTClyGU$cix8MhZsXwG6OrwUgeHAoOA8f.AX"
>>> where it appears to have the format, some number, what I think is
>>> the salt, and then the hash.
>>> Anyone know how these things are calculated?
>> we do this calculation.... I believe your intended format is:
>>   $1$salt$hash
>> or that seems to be what our code does.
> That's for MD5 passwords. I have a requirement to use SHA-1.

oh, ha! :( hrm... so, I set a passwd of 'flipfl0p!' for a user after
setting the passwd format to sha1 ... and I see:


and yea.... the format isn't as simple as:

>>> import hashlib
>>> p = 'flipfl0p!'
>>> s = 'mROzSQ4a'
>>> hashlib.sha1(p+s).hexdigest()


More information about the juniper-nsp mailing list