How does openssl decrypt a password


Solution 1

openssl crypts your password with an algorithm and a salt. If you do not provide a salt, a random one is chosen.

The salt is given in the resulting hash.

For instance:

 openssl passwd -1 foo
 $1$pyuddMjp$3.deTnHdrVVVLoh5zkQ0B.

where

  • 1 is the protocol (md5 here)
  • pyuddMjp is the salt

If I want to verify that you know the password (i.e. foo), I need to compare the resulting hash, using the passwd option with the salt.

  • with x=bar

    openssl passwd -1 -salt pyuddMjp $x
    $1$pyuddMjp$kNkQHWoF8WVh7Oxvae5YX1

  • with x=foo

    openssl passwd -1 -salt pyuddMjp $x
    $1$pyuddMjp$3.deTnHdrVVVLoh5zkQ0B.
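
The comparison described in Solution 1, as an added example that is not part of the original answer: a shell function that extracts the salt from a stored `$1$` hash, recomputes the hash for a candidate password, and reports match or mismatch. The function name `verify_passwd` and the demo password are assumptions made for illustration; the candidate is passed with `-stdin` so it does not appear in the process list.

```shell
#!/bin/sh
# Added example (not from the original answer).
# verify_passwd STORED_HASH CANDIDATE
#   exit 0: candidate matches the stored hash
#   exit 1: candidate does not match
#   exit 2: stored hash is not in the $1$<salt>$<digest> format, or openssl failed
verify_passwd() {
    stored=$1
    candidate=$2

    # Only the MD5-crypt layout shown above is handled: $1$<salt>$<digest>
    case $stored in
        '$1$'*'$'*) ;;
        *) return 2 ;;
    esac

    rest=${stored#'$1$'}     # strip the "$1$" prefix -> <salt>$<digest>
    salt=${rest%%'$'*}       # keep everything before the next "$"
    [ -n "$salt" ] || return 2

    # Recompute with the same salt; -stdin keeps the password off the command line.
    computed=$(printf '%s\n' "$candidate" |
        openssl passwd -1 -salt "$salt" -stdin) || return 2

    # Same password + same salt gives the same string, so a plain comparison decides.
    [ "$computed" = "$stored" ]
}

# Demo with a constructed password; the hash is generated here, not read from a real system.
demo_hash=$(printf '%s\n' 'foo' | openssl passwd -1 -salt pyuddMjp -stdin)
verify_passwd "$demo_hash" 'foo' && echo "foo: match"
verify_passwd "$demo_hash" 'bar' || echo "bar: no match"
```
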

Solution 2

First of all, the openssl command is usually not used to encrypt passwords. You can read about openssl at http://en.wikipedia.org/wiki/OpenSSL

On Unix systems, passwords are encrypted with a one-way hash, so there is no way to decrypt them to get back the original.

In one-way encryption, the salt is usually a predetermined string or generated from the plain text version, for example the first few characters, and you will use that to regenerate the hash and compare the two.

You mentioned PHP; you can check the PHP crypt function for more information.


Author: David Cesar Santos

Updated on September 18, 2022

Comments

  • David Cesar Santos
    David Cesar Santos over 1 year

    I'm learning about encryption and decryption on linux and php. So I have three questions about openssl and how it generates password hashes.

    1- So say I generated a password with the linux command

    openssl passwd
    

    My first observation is that every time I generate a hash, it's different! Why is that? Is it because of salt? That's my first question.

    2- Now my second question is about testing this password. Say I want to test the correctness of this password and get a binary answer, whether it's correct or not. How do I do that with openssl? If my question doesn't make sense, then how is openssl passwd useful?

    3- If I encrypt my password with a hash using openssl passwd, and every time there's a random salt added to it, how does openssl decrypt it (or any other program for that matter)?

    Thank you.

  • David Cesar Santos
    David Cesar Santos over 9 years
    Thank you for the response. This is helpful. But I still am wondering about how this works without the "-1" in the command. Why do I still get a different result each time?
  • Арсений Черенков
    Арсений Черенков over 9 years
    Without the -1 option, crypt() is used; the salt is the first two characters.