[TriLUG] don't understand salt
Aaron Joyner
aaron at joyner.ws
Sat Jun 9 09:04:07 EDT 2012
The salt does not need to be stored any more securely than the password
hash. If its not clear why, ask and I'll elaborate. The standard mechanism
on a linux box is to store the salt as part of the password hash in
/etc/shadow. It's the first two bytes of the value in the second field of
/etc/shadow.
See the man pages for 'shadow' and 'crypt' for more details.
Aaron S. Joyner
On Jun 9, 2012 8:54 AM, "Joseph Mack NA3T" <jmack at wm7d.net> wrote:
> On Sat, 9 Jun 2012, Chris Short wrote:
>
> This might help you get a better idea:
>> http://queue.acm.org/detail.**cfm?id=2254400<http://queue.acm.org/detail.cfm?id=2254400>
>>
>
> thanks. I've already read this (and googled for articles on salting) and
> although it tells me why I need a salt (which I already knew), it doesn't
> tell me how the salt is stored securely for later authentication.
>
>
> Joe
>
> --
> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
> jmack (at) wm7d (dot) net - azimuthal equidistant map
> generator at http://www.wm7d.net/azproj.**shtml<http://www.wm7d.net/azproj.shtml>
> Homepage http://www.austintek.com/ It's GNU/Linux!
> --
> This message was sent to: Aaron S. Joyner <aaron at joyner.ws>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/**listinfo/trilug<http://www.trilug.org/mailman/listinfo/trilug>
> Unsubscribe or edit options on the web : http://www.trilug.org/mailman/**
> options/trilug/aaron%40joyner.**ws<http://www.trilug.org/mailman/options/trilug/aaron%40joyner.ws>
> TriLUG FAQ : http://www.trilug.org/wiki/**
> Frequently_Asked_Questions<http://www.trilug.org/wiki/Frequently_Asked_Questions>
>
More information about the TriLUG
mailing list