在我的NetBSD系统上,master.passwd中有一个密码哈希,如下所示:
$sha1$[5 numbers]$[8 letters]$[17 alpha numeric].[10 alpha numeric]
出于隐私考虑,我遗漏了实际值。有人愿意解释这个的不同部分吗?我的印象是SHA1导致了20个字节,所以我对实际哈希是什么部分非常困惑,盐是什么部分,其他部分是什么部分。
答案 0 :(得分:1)
相关部分可在NetBSD src/lib/libcrypt中找到。
格式为:crypt-sha1.c
The format of the encrypted password is:
$<tag>$<iterations>$<salt>$<digest>
where:
<tag> is "sha1"
<iterations> is an unsigned int identifying how many rounds
have been applied to <digest>. The number
should vary slightly for each password to make
it harder to generate a dictionary of
pre-computed hashes. See crypt_sha1_iterations.
<salt> up to 64 bytes of random data, 8 bytes is
currently considered more than enough.
<digest> the hashed password.
摘要是160位= 20个字节,但它使用base64(3个源字节为4个字节)到28个字节(一个零填充字节)进行编码。请参阅util.c。