Another command of
passwd, which hashes passwords. Here’s an example:
$ openssl passwd -salt 2y5i7sg24yui secretpassword Warning: truncating password to 8 characters 2yCjE1Rb9Udf6
This hashes the password “secretpassword” with the given salt. The hash algorithm used is crypt, a weak algorithm considered obsolete. Flags can change the hash algorithm (e.g.
-1 uses MD5), but there are no password hashes (e.g. bcrypt) in this list. This seems pretty shit.
Notice “truncating password to 8 characters”. This means that all passwords with the same eight character prefix will produce the same hash:
$ openssl passwd -salt 2y5i7sg24yui secretpasomethingelse Warning: truncating password to 8 characters 2yCjE1Rb9Udf6
This is a behavior of the crypt algorithm. I can’t find any good reason for it on the web. Again, it seems pretty shit.
I wrote this because I'm learning SSL by working through the CLI tool commands. This post is my own, and not associated with my employer.Jim. Public speaking. Friends. Vidrio.