Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!tellab5!vpnet!dattier From: dattier@vpnet.chi.il.us (David W. Tamkin) Newsgroups: comp.unix.questions Subject: Re: What does '*' symbol in /etc/passwd means? Message-ID: <1991Jun15.000530.21989@vpnet.chi.il.us> Date: 15 Jun 91 00:05:30 GMT References: <27176@adm.brl.mil> <1991Jun14.002427.6120@csc.canberra.edu.au> <1991Jun14.051958.17564@colorado.edu> Organization: VPnet Public Access Unix, Villa Park, Illinois 60181-2206 Lines: 31 frechett@spot.Colorado.EDU, whose name seems to be Ian Frechette, wrote <1991Jun14.051958.17564@colorado.edu>, which had a lot of really good information but a couple things unfortunately he typed it a bit too quickly. | There is a bit more to it than just the fact that * is not in the encryption | charcter set (which is true). Valid characters are [a-zA-Z/.]. Valid characters are those fifty-four plus [0-9], totaling sixty-four. That is why there are 4096 possible pairs if you randomly make two selections from the entire set with order counting. (The salt may consist of two identical characters [there's a 1 in 64 chance of that] and order *does* count here, so even though there are only 2016 distinct doubletons in a set of sixty-four elements, there are 4096 possible salts). | For fun.. look at the string in /etc/passwd that is your encrypted passwd, | change it.. then change it back. Look again at the string; it will be | different due to a new randomly chosen salt. By "change it" Ian must have meant to change your password and to change it back (something any user can do), not to change the encrypted string in /etc/passwd. If your system uses a shadow file, the same thing will happen, but you won't be able to see it unless you have read permissions on the shadow file. Otherwise, thank you for a very informative explanation. David Tamkin PO Box 7002 Des Plaines IL 60018-7002 dattier@vpnet.chi.il.us GEnie:D.W.TAMKIN CIS:73720,1570 MCIMail:426-1818 708 518 6769 312 693 0591 "Parker Lewis Can't Lose" mailing list: flamingo-request@esd.sgi.com (reflector) flamingo-request@mcs.com (digest)