{"id":9,"date":"2006-10-11T13:10:41","date_gmt":"2006-10-11T10:10:41","guid":{"rendered":"http:\/\/lexa.tenet.ua\/blog\/2006\/10\/11\/solaris-crypt-better-password-hashing-algorithms\/"},"modified":"2006-10-11T18:06:11","modified_gmt":"2006-10-11T15:06:11","slug":"solaris-crypt-better-password-hashing-algorithms","status":"publish","type":"post","link":"https:\/\/lexa.od.ua\/blog\/2006\/10\/11\/solaris-crypt-better-password-hashing-algorithms\/","title":{"rendered":"Solaris Crypt : better password hashing algorithms"},"content":{"rendered":"

From Solaris 9 update 2, a new framework was introduced that would make it possible to select among a number of hash algorithms the famous one that would be used to compute the encrypted version of the passwords. Before that time, the traditional crypt() routine was used, limiting the size of passwords to 8 characters and providing the even more famous 13 characters found in the \/etc\/shadow<\/strong> file.The Solaris Pluggable Crypt Framework makes it possible to choose from 3 new algorithms, all allowing a maximal password size of 255 characters:<\/p>\n

# cat \/etc\/security\/crypt.conf
\n(\u2026)
\n1 crypt_bsdmd5.so.1
\n2a crypt_bsdbf.so.1
\nmd5 crypt_sunmd5.so.1
\n<\/strong><\/p>\n

What are these libraries?<\/p>\n

From the man pages:
\n# man crypt_bsdmd5<\/strong>
\n(\u2026)The crypt_bsdmd5 module is a one-way password hashing module for use with crypt(3C) that uses the MD5 message hash algorithm. (\u2026) The output is compatible with md5crypt on BSD and Linux systems.<\/p>\n

# man crypt_bsdbf<\/strong>
\n(\u2026)The crypt_bsdbf module is a one-way password hashing module for use with crypt(3C) that uses the Blowfish cryptographic algorithm. (\u2026)<\/p>\n

# man crypt_sunmd5<\/strong>
\n(\u2026)The crypt_sunmd5 module is a one-way password hashing module for use with crypt(3C) that uses the MD5 message hash algorithm. (\u2026)<\/p>\n