> This is probably an RTFM question, but I haven't got an FM handy to fing the
> answer.
Actually, it probably isn't. Well, not one of our manuals anyway.
> Can someone tell me how password encryption works under unix? I know that
> the password is encrypted using the password as the key, and that it is
> encrypted with the DES algorithm 15 times. However this is as far as my
> knowledge of it goes.
My suggestion is to have a look at the source for crypt(). It's freely
available. You may also want to have a look at the variants of crypt(),
like fcrypt(). These may help with your understanding of the encryption
process. fcrypt is available from UQ (a guy there wrote a fast DES
library and ssleay etc).
> The reason I am asking is we are implementing some password protection on an
> embedded system and I have been led to believe that the unix password
> encryption is very secure.
It's only as secure as DES. So using qualitative terms like "very" can
be dangerously misleading.
Peter
------------------------------------------------------------------------
Peter Meric pmeric@nospam.socs.uts.edu.au
pmeric@nospam.progsoc.uts.edu.au
pmeric@nospam.vislab.usyd.edu.au
http://www.progsoc.uts.edu.au/~pmeric
-- You are subscribed to the progsoc mailing list. To unsubscribe, send a message containing "unsubscribe" to progsoc-request@nospam.progsoc.uts.edu.au. If you are having trouble, ask owner-progsoc@nospam.progsoc.uts.edu.au for help.This list is archived at <http://www.progsoc.uts.edu.au/lists/progsoc/>