Solved

Using openssl to create Cryptographic Hash Values SHA-512

Posted on 2015-01-23
4
390 Views
Last Modified: 2015-01-23
How can I produce the same hash digest for user1's password using openssl?

user1's password is
HelloWorld

root@kali:~# cat /etc/shadow | grep user1
user1:$6$GRZcztBQ$.eHNZsczu4D3g7bsGkZlVKi14nLG/5W8WXXr7vKbziwkKHCnq3fvBO.j1KPcVxyTqy/5.DXZy4lD8QqH1H2bH/:16458:0:99999:7:::
root@kali:~#

Open in new window

In my openssl command below, I don't get the same hash value as stored in /etc/shadow for user1. What am I doing wrong? I'm even using the same salt.

root@kali:~# echo -n \$GRZcztBQ\$HelloWorld | openssl dgst -sha512
(stdin)= 0afd50eb46b2004be59c3ac2b53e456e5359dc20debe561afabafdaac0eda7d1e666b766de537bbc663f8b2290f2177fc16659e874c05ce5651f0722c65f901c
root@kali:~#

Open in new window


Thank you for your help! I really appreciate it.

CV
0
Comment
Question by:cv 127001
  • 2
  • 2
4 Comments
 
LVL 17

Expert Comment

by:OriNetworks
ID: 40567771
openssl does not support this apparently
0
 

Author Comment

by:cv 127001
ID: 40567795
Thank you. Really? Wow! I'm a little confused because when I ask it to list supported hash digests, SHA512 is listed. May I ask where you got the information so that I can read-up a little more on it?  Thank you. This is the first time I use experts-exchange, so I don't know if accepting your solution now will prevent you to post to it again.
0
 
LVL 17

Accepted Solution

by:
OriNetworks earned 500 total points
ID: 40567800
Sorry for such a blunt answer and I would prefer to be wrong about this.  If you look at the formatting of the password in the shadow file vs the openssl output you will see the shadow file has characters like / and . and the output of openssl simply gives you  plain digest as you requested.

The correct openssql command would be something like openssl passwd -1 but as I stated it does not support sha512. I was also curious after I came across this question and did some more research but haven't been able to find why this isn't supported as many other methods seem to be fine getting to the result you are trying to achieve.

You have a full list of supported commands here
http://wiki.openssl.org/index.php/Command_Line_Utilities
0
 

Author Comment

by:cv 127001
ID: 40567805
OriNetwork, THANK YOU very much. I really appreciate the help. Strange that it doesn't support. Oh well, thanks to know, now I know why they don't match.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Fine Tune your automatic Updates for Ubuntu / Debian
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question