For those interested here is perl program to generate Crypt-PW's with a propper salt. #!/usr/bin/perl $salt=salt(); print "password encryptee, [CTRL]-D quits.\n"; while (<STDIN>) { chop; $text=crypt($_,$salt); print $text."\n"; } sub salt { local($salt); local($i, $rand); local(@itoa64) = ( 0 .. 9, a .. z, A .. Z ); # 0 .. 63 # to64 for ($i = 0; $i < 8; $i++) { srand(time + $rand + $$); $rand = rand(25*29*17 + $rand); $salt .= $itoa64[$rand & $#itoa64]; } return $salt; } Tyler Walden - twaldenat_private Alternate Access http://www.aa.net Network Operations - nocat_private On Fri, 8 Jun 2001 aleph1at_private wrote: > This is a very old problem. See > http://www.securityfocus.com/archive/1/5494 (1996) > http://www.securityfocus.com/archive/1/34191 (1999) > > NSI obviously does not care much about the security. I haven't been > able to get PGP authentication working in months. > -- > Elias Levy > SecurityFocus.com > http://www.securityfocus.com/ > Si vis pacem, para bellum >
This archive was generated by hypermail 2b30 : Sun Jun 10 2001 - 16:38:35 PDT