[ale] Password hashes bent
Joe Knapka
jknapka at charter.net
Mon Jul 24 20:06:53 EDT 2000
Hi, folks,
I just upgraded my masq firewall from Slackware 3.0 to Slack
7.1. Everything is basically working, but I have one very
bizarre problem: I can't log in to the machine using either
ssh or telnet anymore.
I saved the firewall rules and so forth from the previous
install, and they work (I'm sending this message from a
machine behind the firewall.) That's not the problem. After
pulling my hair out for a while, I ended up instrumenting
sshd to print the hashed password from the shadow password
file and the hashed password it gets by running crypt() on
the plain text password, and.... THEY'RE DIFFERENT! Which
is insane, because I can still login at the console without
any trouble, which means that -getty- is calling crypt() and
getting the right answer. It's almost as if sshd and getty
are calling different versions of crypt(). But I've verified
that getty and sshd are linked against the same version of
glibc, so I don't see how this is possible.
One thing that I notice is that the encrypted passwords in
the shadow password file are much longer than those yielded
by crypt() = something like 3 times as long.
Any ideas?
TIA,
-- Joe
--
*** Joe Knapka ***
I don't know anything about music. In my line you don't have to.
-- Elvis Presley
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
More information about the Ale
mailing list