From: "Jo�o C�ndido de Souza Neto" on
I�ve got the setting in my /etc/login.defs file as bellow:

# Use MD5 or DES to encrypt password? Red Hat use MD5 by default.
MD5_CRYPT_ENAB no

ENCRYPT_METHOD SHA512

So, when I try to get this:

echo hash("sha512", $_POST["password"]);

It does not match the password the user�s got in /etc/shadow file.

Anyone knows why?

--
Jo�o C�ndido de Souza Neto


From: "Bob McConnell" on
From: João Cândido de Souza Neto

> I´ve got the setting in my /etc/login.defs file as bellow:
>
> # Use MD5 or DES to encrypt password? Red Hat use MD5 by default.
> MD5_CRYPT_ENAB no
>
> ENCRYPT_METHOD SHA512
>
> So, when I try to get this:
>
> echo hash("sha512", $_POST["password"]);
>
> It does not match the password the user´s got in /etc/shadow file.
>
> Anyone knows why?

I believe you forgot the salt. Traditionally, Unix adds an additional value to the password before it is encrypted. I don't know where that comes from.

Bob McConnell