[j-nsp] Format of SHA1 Passwords
Giuliano Cardozo Medalha
giuliano at wztech.com.br
Tue Dec 3 12:21:52 EST 2013
set system password format sha-1
Sent from my iPhone
> On 03/12/2013, at 15:16, Mark Felder <feld at feld.me> wrote:
>
>
>
>> On Tue, Dec 3, 2013, at 10:46, Chip Marshall wrote:
>> On 2013-12-03, Chris Morrow <morrowc at ops-netman.net> sent:
>>>> I get things like "$sha1$19418$aoTClyGU$cix8MhZsXwG6OrwUgeHAoOA8f.AX"
>>>> where it appears to have the format, some number, what I think is
>>>> the salt, and then the hash.
>>>>
>>>> Anyone know how these things are calculated?
>>>
>>> we do this calculation.... I believe your intended format is:
>>> $1$salt$hash
>>>
>>> or that seems to be what our code does.
>>
>> That's for MD5 passwords. I have a requirement to use SHA-1.
>
> JunOS is based on FreeBSD, and FreeBSD doesn't support SHA-1 password
> hashes. Your choices are:
>
> DES: (no identifier)
> MD5: $1$
> Blowfish: $2$
> NTHASH: $3$
> SHA256: $5$
> SHA512: $6$ (likely not supported as it's recent to FreeBSD)
>
> And how to generate a hash (just change the identifier; it will create
> the right hash):
>
> python -c "import crypt, getpass, pwd; print crypt.crypt('password',
> '\$1\$SALTsalt\$')"
>
> Just make sure you use a different salt for each password.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list