[Techtalk] Verify MD5-Hashed Passwords in Perl?
Kai MacTane
kmactane at GothPunk.com
Thu Sep 13 13:38:55 EST 2001
Hello. I need to get a Perl script to take in a username and password, read
/etc/shadow (which is storing the passwords as MD5 hashes, rather than
crypted), and verify that the user's password actually does match.
I understand that the MD5 hash has a "salt" involved; the stored hash looks
like:
username:$1$xxxxxxxx$yyyyyyyyyyyyyyyyyyyyyy:[rest of line]
, and I understand that the Xs represent the salt, with the Ys giving the
actual hashed digest.
I've looked at the MD5.pm documentation, and I can't see any way to use it
to verify that a given string matches the stored string. But I know it must
be possible for actual password authentication. Can anyone advise me on
what I need? (I'm suspecting a different Perl module.)
Thanks in advance.
--Kai MacTane
----------------------------------------------------------------------
"Playing dead and sweet submission,
Cracks the whip deadpan on cue."
--Siouxsie and the
Banshees,
"Peek-a-boo"
More information about the Techtalk
mailing list