Hi friends,


can any one let me know what hash algorithm is used by linux system for its shadow passwords. I'm totally confused some say MD5 and some SHA-512 which one is true and can give the source for answer if got them.

Thanks

linux learner

as of Dec 2008, MD5 is known to be broken. Older linux distributions used MD5. Newer ones do not.

the US Government declared

Do not use the MD5 algorithm

Software developers, Certification Authorities, website owners, and users should avoid using the MD5 algorithm in any capacity. As previous research has demonstrated, it should be considered cryptographically broken and unsuitable for further use.

--US-CERT Vulnerability Note VU#836068 (Dec 2008)


.

Edited 6 Years Ago by jephthah: n/a

Hi friends,


can any one let me know what hash algorithm is used by linux system for its shadow passwords. I'm totally confused some say MD5 and some SHA-512 which one is true and can give the source for answer if got them.

Thanks

linux learner

Only older kernels that haven't been updated would have MD5, now. MD5 encryption was found to be weak when collision analysis was applied.

Before saying anything definitive about their current encryption method, you should check with the homepage of the version of Linux you are interested in. I don't know of any list of the distro's, and what encryption each one is using.

Comments
"me too"

Only older kernels that haven't been updated would have MD5, now ... you should check with the homepage of the version of Linux you are interested in. I don't know of any list of the distro's, and what encryption each one is using.

it doesnt depend on the kernel, and the homepage isnt going to tell you what hash is used for password authentication.

if you're going to "me too" a thread, at least post some useful or at least correct information.

the password hashing algorithm is set in the /etc/pam.d by the pam_unix login script. any hash method can be set, whehter it's Blowfish or SHA256 or SHA512 or others. MD5 is still an option but probably should not be set. there are provisions to revert to a default hash algorithm if an option is set that is not available. this default may still be MD5 in many cases.

upon further review, it seems that some (perhaps many) distributions may still have MD5 set as default during the install. of course this can be changed by the installer.

collision attack weakness is important for digital certificates. the so-called preimage attack is theoretical. checksums can be generated in advance by a malicious software writer, but practically speaking for password encryption, this is not an issue if a sufficiently-long salt string is used, which seems to be the case.

.

Edited 6 Years Ago by jephthah: n/a

This article has been dead for over six months. Start a new discussion instead.