Dave's Brain


Date: 2014sep2

Q.  What's the format of the hashed password in /etc/shadow ?

A.  The manual page for crypt(3) says:

	If salt is a character string starting with the characters "$id$"
	followed by a string terminated by "$":

		$id$salt$encrypted

	then instead of using the DES machine, id identifies the encryption
	method used and this then determines how the rest of the password
	string is interpreted.  The following values of id are supported:

		ID  | Method
		---------------------------------------------------------
		1   | MD5
		2a  | Blowfish (not in mainline glibc; added in some Linux distributions)
		5   | SHA-256 (since glibc 2.7)
		6   | SHA-512 (since glibc 2.7)

	So $5$salt$encrypted is an SHA-256 encoded password and
	$6$salt$encrypted is an SHA-512 encoded one.

	"salt" stands for the up to 16 characters following "$id$" in the salt.
	The encrypted part of the password string is the actual computed
	password.  The size of this string is fixed:

		MD5     | 22 characters
		SHA-256 | 43 characters
		SHA-512 | 86 characters

	The characters in "salt" and "encrypted" are drawn from the set
	[a-zA-Z0-9./].  In the MD5 and SHA implementations the entire key is
	significant (instead of only the first 8 bytes in DES).

But what's not explicitly said is:

	- The bytes in the salt are not saved in consecutive order
	- The hashed password looks like regular base64, but it uses a different alphabet
	- The hash algorithm is run for 5000 rounds by default
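To make those three points concrete, here is an added example (my own code, not from this page or from glibc) that implements SHA-crypt from Ulrich Drepper's specification using only Python's standard library: the 5000-round default, the crypt-specific base64 alphabet, and the interleaving of digest bytes before encoding are all visible. Function names are mine; the "Hello world!" / "saltstring" inputs used in the comments and tests are the spec's own test vectors.

```python
import hashlib
import hmac

# crypt(3)'s own base64 alphabet: '.' and '/' come first; RFC 4648 base64 has neither
B64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def _b64_from_24bit(b2, b1, b0, n):
    # Pack three bytes and emit n chars, LOW 6 bits first (RFC 4648 emits the high bits first)
    w = (b2 << 16) | (b1 << 8) | b0
    return "".join(B64[(w >> (6 * i)) & 0x3F] for i in range(n))

def sha_crypt(key, salt, method="6", rounds=None):
    """Return the $5$ (SHA-256) or $6$ (SHA-512) crypt string for key and salt, both bytes."""
    H, size = (hashlib.sha512, 64) if method == "6" else (hashlib.sha256, 32)
    salt = salt[:16]                                        # only the first 16 salt bytes count
    n = min(max(rounds or 5000, 1000), 999_999_999)         # 5000 rounds unless rounds= is given
    repeat = lambda d, length: d * (length // size) + d[:length % size]
    b = H(key + salt + key).digest()                        # digest B
    a = H(key + salt + repeat(b, len(key)))                 # digest A, fed B once per key byte...
    k = len(key)
    while k:                                                # ...then once more per bit of len(key)
        a.update(b if k & 1 else key)
        k >>= 1
    a = a.digest()
    p = repeat(H(key * len(key)).digest(), len(key))        # byte sequence P
    s = repeat(H(salt * (16 + a[0])).digest(), len(salt))   # byte sequence S
    c = a
    for i in range(n):                                      # the rounds loop is where the cost is
        h = H(p if i & 1 else c)
        if i % 3:
            h.update(s)
        if i % 7:
            h.update(p)
        h.update(c if i & 1 else p)
        c = h.digest()
    groups, out = size // 3, ""                             # 21 byte-triples for SHA-512, 10 for SHA-256
    for k in range(groups):                                 # digest bytes are interleaved, not encoded in order
        t = [k, k + groups, k + 2 * groups]
        r = k % 3 if size == 64 else (2 * k) % 3
        t = t[r:] + t[:r]
        out += _b64_from_24bit(c[t[0]], c[t[1]], c[t[2]], 4)
    out += _b64_from_24bit(0, 0, c[63], 2) if size == 64 else _b64_from_24bit(0, c[31], c[30], 3)
    return "$%s$%s%s$%s" % (method, "rounds=%d$" % n if rounds else "", salt.decode(), out)

def check_password(password, stored):
    # Recompute from the stored id/rounds/salt and compare in constant time
    parts = stored.split("$")                               # ['', id, [rounds=N,] salt, hash]
    rounds = int(parts[2][7:]) if parts[2].startswith("rounds=") else None
    return hmac.compare_digest(sha_crypt(password, (parts[3] if rounds else parts[2]).encode(),
                                         parts[1], rounds), stored)
```

`sha_crypt(b"Hello world!", b"saltstring")` reproduces the spec's `$6$saltstring$svn8UoSV...` vector, and an 86-character hash comes out for SHA-512, 43 for SHA-256, exactly as the man page table says.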

More info:
http://people.redhat.com/drepper/sha-crypt.html
http://www.akkadia.org/drepper/SHA-crypt.txt

Copyright © 2008-2017, dave - Code samples on Dave's Brain is licensed under the Creative Commons Attribution 2.5 License. However other material, including English text has all rights reserved.