How to specify encryption hash when creating Linux user?


The easiest method to set up a password with a non-default hashing method is to manually hash the password first and then supply that password when setting up the user:

 adduser --password HASHEDPASSWORD user

Where the HASHEDPASSWORD must follow your system's standards for the crypt function (man 3 crypt):

If salt is a character string starting with the characters "$id$" followed by a string terminated by "$":

         $id$salt$encrypted

then instead of using the DES machine, id identifies the encryption method used and this then determines how the rest of the password string is interpreted. The following values of id are supported:

          ID  | Method
          ---------------------------------------------------------
          1   | MD5
          2a  | Blowfish (not in mainline glibc; added in some
              | Linux distributions)
          5   | SHA-256 (since glibc 2.7)
          6   | SHA-512 (since glibc 2.7)

So $5$salt$encrypted is an SHA-256 encoded password and $6$salt$encrypted is an SHA-512 encoded one.

To generate a correct hash from the commandline you can look here.
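As an added example (not part of the original answer), this Python code parses the `$id$salt$encrypted` field described above and lists accounts in shadow-format text whose hash method is outside an allowed set. The names `parse_crypt_field` and `audit_shadow` and the sample lines are constructed for illustration; handling of the optional `rounds=N` element and the Blowfish cost layout goes beyond the man page excerpt quoted here.

```python
# Added example: classify /etc/shadow password fields by their crypt(3) "$id$" prefix.
# Only the ids from the man page table quoted above are mapped.
METHODS = {"1": "MD5", "2a": "Blowfish", "5": "SHA-256", "6": "SHA-512"}

def parse_crypt_field(field):
    """Split one shadow password field into method, parameters, salt and hash."""
    locked = field.startswith("!")        # passwd -l prepends "!" to the field
    body = field.lstrip("!")
    if body in ("", "*"):
        # "*" or a bare "!" means no usable hash; a truly empty field means no password.
        return {"method": "none" if (locked or body) else "empty", "locked": locked}
    if not body.startswith("$"):
        # No "$id$" prefix: traditional DES, 2-char salt followed by 11-char hash.
        if len(body) != 13:
            return {"method": "unrecognized", "locked": locked}
        return {"method": "DES", "locked": locked, "salt": body[:2], "hash": body[2:]}
    parts = body.split("$")               # ["", id, salt or parameter, ..., hash]
    if len(parts) < 4:
        return {"method": "unrecognized", "locked": locked}
    ident, rest, rounds = parts[1], parts[2:], None
    if ident == "2a":
        # Blowfish layout differs: "$2a$cost$", then 22-char salt + hash in one element.
        return {"method": METHODS[ident], "id": ident, "locked": locked,
                "cost": rest[0], "salt": rest[1][:22], "hash": rest[1][22:]}
    # SHA-256/SHA-512 accept an optional "rounds=N" element before the salt.
    if (ident in ("5", "6") and len(rest) >= 3
            and rest[0].startswith("rounds=") and rest[0][7:].isdigit()):
        rounds, rest = int(rest[0][7:]), rest[1:]
    return {"method": METHODS.get(ident, "unknown id " + ident), "id": ident,
            "locked": locked, "rounds": rounds, "salt": rest[0], "hash": rest[-1]}

def audit_shadow(text, allowed=("SHA-256", "SHA-512")):
    """Return (user, method) for every account whose hash method is not allowed."""
    findings = []
    for line in text.splitlines():
        if ":" not in line or line.startswith("#"):
            continue
        user, field = line.split(":")[:2]
        method = parse_crypt_field(field)["method"]
        if method != "none" and method not in allowed:
            findings.append((user, method))
    return findings

# Constructed sample lines (placeholder salts and hashes, not real accounts).
SAMPLE_SHADOW = """\
alice:$6$rounds=656000$SALTSALT$HASHPLACEHOLDER:19000:0:99999:7:::
bob:$1$SALTSALT$HASHPLACEHOLDER:19000:0:99999:7:::
carol:!$5$SALTSALT$HASHPLACEHOLDER:19000:0:99999:7:::
dave:abPLACEHOLDER:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
"""
```

Calling `audit_shadow(SAMPLE_SHADOW)` reports `bob` (MD5) and `dave` (DES); a locked account such as `carol` is still parsed, because the `!` prefix only disables the hash and does not change its method.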


Cyrill Gremaud
Author by

Cyrill Gremaud

I'm telecommunication engineer

Updated on September 18, 2022

Comments

  • Cyrill Gremaud
    Cyrill Gremaud almost 2 years

    I want to create a few Linux users on my computer to test JohnTheRipper against different kinds of passwords (including length, charset and encryption hash method). How can I easily specify which hashing algorithm to use when creating a new user? I know that the file /etc/login.defs contains the variable ENCRYPT_METHOD, which is set to SHA512 by default on many Debian systems, but I would like to know if it is possible to use another encryption hash without modifying this file.

    PS: I tried modifying this file, rebooting and creating a new user with the adduser command, but the encryption hash method used is always SHA512.

    Thanks

  • Cyrill Gremaud
    Cyrill Gremaud about 9 years
    Thanks for the reference to the other post. It is helpful. But your example with adduser doesn't work on my host because --password is an unknown option.
  • Cyrill Gremaud
    Cyrill Gremaud about 9 years
    It works if I use the mkpasswd tool and copy and paste the output into /etc/shadow for the corresponding user. I will test it and edit my response.