Solved

Using openssl to create Cryptographic Hash Values SHA-512

Posted on 2015-01-23
4
436 Views
Last Modified: 2015-01-23
How can I produce the same hash digest for user1's password using openssl?

user1's password is
HelloWorld

root@kali:~# cat /etc/shadow | grep user1
user1:$6$GRZcztBQ$.eHNZsczu4D3g7bsGkZlVKi14nLG/5W8WXXr7vKbziwkKHCnq3fvBO.j1KPcVxyTqy/5.DXZy4lD8QqH1H2bH/:16458:0:99999:7:::
root@kali:~#

Open in new window

In my openssl command below, I don't get the same hash value as stored in /etc/shadow for user1. What am I doing wrong? I'm even using the same salt.

root@kali:~# echo -n \$GRZcztBQ\$HelloWorld | openssl dgst -sha512
(stdin)= 0afd50eb46b2004be59c3ac2b53e456e5359dc20debe561afabafdaac0eda7d1e666b766de537bbc663f8b2290f2177fc16659e874c05ce5651f0722c65f901c
root@kali:~#

Open in new window


Thank you for your help! I really appreciate it.

CV
0
Comment
Question by:cv 127001
  • 2
  • 2
4 Comments
 
LVL 17

Expert Comment

by:OriNetworks
ID: 40567771
openssl does not support this apparently
0
 

Author Comment

by:cv 127001
ID: 40567795
Thank you. Really? Wow! I'm a little confused because when I ask it to list supported hash digests, SHA512 is listed. May I ask where you got the information so that I can read-up a little more on it?  Thank you. This is the first time I use experts-exchange, so I don't know if accepting your solution now will prevent you to post to it again.
0
 
LVL 17

Accepted Solution

by:
OriNetworks earned 500 total points
ID: 40567800
Sorry for such a blunt answer and I would prefer to be wrong about this.  If you look at the formatting of the password in the shadow file vs the openssl output you will see the shadow file has characters like / and . and the output of openssl simply gives you  plain digest as you requested.

The correct openssql command would be something like openssl passwd -1 but as I stated it does not support sha512. I was also curious after I came across this question and did some more research but haven't been able to find why this isn't supported as many other methods seem to be fine getting to the result you are trying to achieve.

You have a full list of supported commands here
http://wiki.openssl.org/index.php/Command_Line_Utilities
0
 

Author Comment

by:cv 127001
ID: 40567805
OriNetwork, THANK YOU very much. I really appreciate the help. Strange that it doesn't support. Oh well, thanks to know, now I know why they don't match.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Ransomware is a growing menace to anyone using a computer or mobile device. Here are answers to some common questions about this vicious new form of malware.
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question