kmanthey at imperitek.com
Thu Mar 29 09:36:31 EST 2001
Â Â Â I can only speak about the UFC
implementation of the crypt routine, but the UFC implementation only operates on
the first 8 bytes of the password.Â Any password greater than 8 bytes will
be truncated to 8 bytes and encrypted with a defined salt.
href="mailto:kmanthey at imperitek.com">kmanthey at imperitek.com
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
----- Original Message -----
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black">From:
To: <A title=ale at ale.org
href="mailto:'ale at ale.org'">'ale at ale.org'
Sent: Thursday, March 29, 2001 9:18
Subject: [ale] crypt()
I'm using the crypt function to check a users
passwd word against one in the /etc/passwd file.Â For testing purposes,
the password is password.Â I've noticed that when I issue any character
past 8 characters that
the user enters at the password prompt gets ignored
by crypt().Â I allow the user to enter a 32 character password so it they
enter password12345 they will be allowed access when password is the real
Has anyone else seen this?
More information about the Ale