mkpasswd -m sha-512 password -s “22446688” [duplicate]
Multi tool use
This question already has an answer here:
Why 'mkpasswd -m sha-512' produce different result every time it is called?
1 answer
I have a question on mkpasswd command result, I must use the same word in this to reproduce the same result hashed over and over, but what happens if I left without the -S option this will create a hashed password with a salted random word, so here is my problem:
with -S option.-
password: p4ssw0rd
word: 22446688
output: $6$22446688$kQPZPIx3oZHwJ/l1xteaU5CqM0m7IoglQPFtDwUSMYCUAHkRUAIAfETjvgJmXhwLm4NVI5DHTXYt9d25cnZN3/
RESULT WILL BE ALWAYS THE SAME ****
WITHOUT -S option.-
output:
$6$nLtu32Q.5ZtRwK9x$z51ORpMvbOmxRj2IveXlqZnBZI16Fnvn4HQA7JBAFIPbhTI/gugtq0XCS3bBl80JBTDrROrm9emMpyRaZt0Pv0
RESULT WIL VARY OVER AND OVER AGAIN****
when I use the word over and over the result is the same, when I don't use the word result is different, so my question is if I take for example option without -S option and used for encrypt password how do I guarantee that when enter password will be compared and will be same since I only have password but I don't know the salt word since this was optional and assigned randomly? or it does not matter since the word is stored with the hash of the password and is not required to know it?
linux
marked as duplicate by Kusalananda
StackExchange.ready(function() {
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function() {
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function() {
$hover.showInfoMessage('', {
messageElement: $msg.clone().show(),
transient: false,
position: { my: 'bottom left', at: 'top center', offsetTop: -7 },
dismissable: false,
relativeToBody: true
});
},
function() {
StackExchange.helpers.removeMessages();
}
);
});
});
Feb 19 at 6:45
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |
This question already has an answer here:
Why 'mkpasswd -m sha-512' produce different result every time it is called?
1 answer
I have a question on mkpasswd command result, I must use the same word in this to reproduce the same result hashed over and over, but what happens if I left without the -S option this will create a hashed password with a salted random word, so here is my problem:
with -S option.-
password: p4ssw0rd
word: 22446688
output: $6$22446688$kQPZPIx3oZHwJ/l1xteaU5CqM0m7IoglQPFtDwUSMYCUAHkRUAIAfETjvgJmXhwLm4NVI5DHTXYt9d25cnZN3/
RESULT WILL BE ALWAYS THE SAME ****
WITHOUT -S option.-
output:
$6$nLtu32Q.5ZtRwK9x$z51ORpMvbOmxRj2IveXlqZnBZI16Fnvn4HQA7JBAFIPbhTI/gugtq0XCS3bBl80JBTDrROrm9emMpyRaZt0Pv0
RESULT WIL VARY OVER AND OVER AGAIN****
when I use the word over and over the result is the same, when I don't use the word result is different, so my question is if I take for example option without -S option and used for encrypt password how do I guarantee that when enter password will be compared and will be same since I only have password but I don't know the salt word since this was optional and assigned randomly? or it does not matter since the word is stored with the hash of the password and is not required to know it?
linux
marked as duplicate by Kusalananda
StackExchange.ready(function() {
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function() {
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function() {
$hover.showInfoMessage('', {
messageElement: $msg.clone().show(),
transient: false,
position: { my: 'bottom left', at: 'top center', offsetTop: -7 },
dismissable: false,
relativeToBody: true
});
},
function() {
StackExchange.helpers.removeMessages();
}
);
});
});
Feb 19 at 6:45
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
2
Is your question how a random salt is stored? If you look at the output when you specify the salt (in your case22446688
), you will see in the output that the salt is stored $6$ 22446688 $ _. In a similar fashion, the random salt is also stored in the output: _$6$ nLtu32Q.5ZtRwK9x $. So when a password is entered, it is hashed using the stored salt. But I suspect I misunderstood your question.
– KevinO
Feb 19 at 3:23
Possibly related: why mkpasswd produces a different result every time it is called
– KevinO
Feb 19 at 3:27
add a comment |
This question already has an answer here:
Why 'mkpasswd -m sha-512' produce different result every time it is called?
1 answer
I have a question on mkpasswd command result, I must use the same word in this to reproduce the same result hashed over and over, but what happens if I left without the -S option this will create a hashed password with a salted random word, so here is my problem:
with -S option.-
password: p4ssw0rd
word: 22446688
output: $6$22446688$kQPZPIx3oZHwJ/l1xteaU5CqM0m7IoglQPFtDwUSMYCUAHkRUAIAfETjvgJmXhwLm4NVI5DHTXYt9d25cnZN3/
RESULT WILL BE ALWAYS THE SAME ****
WITHOUT -S option.-
output:
$6$nLtu32Q.5ZtRwK9x$z51ORpMvbOmxRj2IveXlqZnBZI16Fnvn4HQA7JBAFIPbhTI/gugtq0XCS3bBl80JBTDrROrm9emMpyRaZt0Pv0
RESULT WIL VARY OVER AND OVER AGAIN****
when I use the word over and over the result is the same, when I don't use the word result is different, so my question is if I take for example option without -S option and used for encrypt password how do I guarantee that when enter password will be compared and will be same since I only have password but I don't know the salt word since this was optional and assigned randomly? or it does not matter since the word is stored with the hash of the password and is not required to know it?
linux
This question already has an answer here:
Why 'mkpasswd -m sha-512' produce different result every time it is called?
1 answer
I have a question on mkpasswd command result, I must use the same word in this to reproduce the same result hashed over and over, but what happens if I left without the -S option this will create a hashed password with a salted random word, so here is my problem:
with -S option.-
password: p4ssw0rd
word: 22446688
output: $6$22446688$kQPZPIx3oZHwJ/l1xteaU5CqM0m7IoglQPFtDwUSMYCUAHkRUAIAfETjvgJmXhwLm4NVI5DHTXYt9d25cnZN3/
RESULT WILL BE ALWAYS THE SAME ****
WITHOUT -S option.-
output:
$6$nLtu32Q.5ZtRwK9x$z51ORpMvbOmxRj2IveXlqZnBZI16Fnvn4HQA7JBAFIPbhTI/gugtq0XCS3bBl80JBTDrROrm9emMpyRaZt0Pv0
RESULT WIL VARY OVER AND OVER AGAIN****
when I use the word over and over the result is the same, when I don't use the word result is different, so my question is if I take for example option without -S option and used for encrypt password how do I guarantee that when enter password will be compared and will be same since I only have password but I don't know the salt word since this was optional and assigned randomly? or it does not matter since the word is stored with the hash of the password and is not required to know it?
This question already has an answer here:
Why 'mkpasswd -m sha-512' produce different result every time it is called?
1 answer
linux
linux
edited Feb 19 at 6:19
Archemar
20.2k93772
20.2k93772
asked Feb 19 at 2:52
Raymundo EscobarRaymundo Escobar
1
1
marked as duplicate by Kusalananda
StackExchange.ready(function() {
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function() {
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function() {
$hover.showInfoMessage('', {
messageElement: $msg.clone().show(),
transient: false,
position: { my: 'bottom left', at: 'top center', offsetTop: -7 },
dismissable: false,
relativeToBody: true
});
},
function() {
StackExchange.helpers.removeMessages();
}
);
});
});
Feb 19 at 6:45
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by Kusalananda
StackExchange.ready(function() {
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function() {
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function() {
$hover.showInfoMessage('', {
messageElement: $msg.clone().show(),
transient: false,
position: { my: 'bottom left', at: 'top center', offsetTop: -7 },
dismissable: false,
relativeToBody: true
});
},
function() {
StackExchange.helpers.removeMessages();
}
);
});
});
Feb 19 at 6:45
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
2
Is your question how a random salt is stored? If you look at the output when you specify the salt (in your case22446688
), you will see in the output that the salt is stored $6$ 22446688 $ _. In a similar fashion, the random salt is also stored in the output: _$6$ nLtu32Q.5ZtRwK9x $. So when a password is entered, it is hashed using the stored salt. But I suspect I misunderstood your question.
– KevinO
Feb 19 at 3:23
Possibly related: why mkpasswd produces a different result every time it is called
– KevinO
Feb 19 at 3:27
add a comment |
2
Is your question how a random salt is stored? If you look at the output when you specify the salt (in your case22446688
), you will see in the output that the salt is stored $6$ 22446688 $ _. In a similar fashion, the random salt is also stored in the output: _$6$ nLtu32Q.5ZtRwK9x $. So when a password is entered, it is hashed using the stored salt. But I suspect I misunderstood your question.
– KevinO
Feb 19 at 3:23
Possibly related: why mkpasswd produces a different result every time it is called
– KevinO
Feb 19 at 3:27
2
2
Is your question how a random salt is stored? If you look at the output when you specify the salt (in your case
22446688
), you will see in the output that the salt is stored $6$ 22446688 $ _. In a similar fashion, the random salt is also stored in the output: _$6$ nLtu32Q.5ZtRwK9x $. So when a password is entered, it is hashed using the stored salt. But I suspect I misunderstood your question.– KevinO
Feb 19 at 3:23
Is your question how a random salt is stored? If you look at the output when you specify the salt (in your case
22446688
), you will see in the output that the salt is stored $6$ 22446688 $ _. In a similar fashion, the random salt is also stored in the output: _$6$ nLtu32Q.5ZtRwK9x $. So when a password is entered, it is hashed using the stored salt. But I suspect I misunderstood your question.– KevinO
Feb 19 at 3:23
Possibly related: why mkpasswd produces a different result every time it is called
– KevinO
Feb 19 at 3:27
Possibly related: why mkpasswd produces a different result every time it is called
– KevinO
Feb 19 at 3:27
add a comment |
1 Answer
1
active
oldest
votes
The point of using a salt value is that the result will be different for each salt value. Using the same salt for each password negates the advantage of having a salt.
As for how the function verifying a password knows which salt was used, the salt is stored as part of the password hash. The first implementations used the first two characters for salt followed by the hash. Now the format for the password hash is some fields separated by $
signs. The first field specifies the algorithm used, then optionally parameters, the the salt value and the hash itself.
In your case, the output contains your salt value, 22446688
$6$22446688$...
In the second command, the salt is a random value, nLtu32Q.5ZtRwK9x
$6$nLtu32Q.5ZtRwK9x$...
The password verification gets the complete string, including algorithm and salt, so it can verify the password.
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The point of using a salt value is that the result will be different for each salt value. Using the same salt for each password negates the advantage of having a salt.
As for how the function verifying a password knows which salt was used, the salt is stored as part of the password hash. The first implementations used the first two characters for salt followed by the hash. Now the format for the password hash is some fields separated by $
signs. The first field specifies the algorithm used, then optionally parameters, the the salt value and the hash itself.
In your case, the output contains your salt value, 22446688
$6$22446688$...
In the second command, the salt is a random value, nLtu32Q.5ZtRwK9x
$6$nLtu32Q.5ZtRwK9x$...
The password verification gets the complete string, including algorithm and salt, so it can verify the password.
add a comment |
The point of using a salt value is that the result will be different for each salt value. Using the same salt for each password negates the advantage of having a salt.
As for how the function verifying a password knows which salt was used, the salt is stored as part of the password hash. The first implementations used the first two characters for salt followed by the hash. Now the format for the password hash is some fields separated by $
signs. The first field specifies the algorithm used, then optionally parameters, the the salt value and the hash itself.
In your case, the output contains your salt value, 22446688
$6$22446688$...
In the second command, the salt is a random value, nLtu32Q.5ZtRwK9x
$6$nLtu32Q.5ZtRwK9x$...
The password verification gets the complete string, including algorithm and salt, so it can verify the password.
add a comment |
The point of using a salt value is that the result will be different for each salt value. Using the same salt for each password negates the advantage of having a salt.
As for how the function verifying a password knows which salt was used, the salt is stored as part of the password hash. The first implementations used the first two characters for salt followed by the hash. Now the format for the password hash is some fields separated by $
signs. The first field specifies the algorithm used, then optionally parameters, the the salt value and the hash itself.
In your case, the output contains your salt value, 22446688
$6$22446688$...
In the second command, the salt is a random value, nLtu32Q.5ZtRwK9x
$6$nLtu32Q.5ZtRwK9x$...
The password verification gets the complete string, including algorithm and salt, so it can verify the password.
The point of using a salt value is that the result will be different for each salt value. Using the same salt for each password negates the advantage of having a salt.
As for how the function verifying a password knows which salt was used, the salt is stored as part of the password hash. The first implementations used the first two characters for salt followed by the hash. Now the format for the password hash is some fields separated by $
signs. The first field specifies the algorithm used, then optionally parameters, the the salt value and the hash itself.
In your case, the output contains your salt value, 22446688
$6$22446688$...
In the second command, the salt is a random value, nLtu32Q.5ZtRwK9x
$6$nLtu32Q.5ZtRwK9x$...
The password verification gets the complete string, including algorithm and salt, so it can verify the password.
answered Feb 19 at 6:44
RalfFriedlRalfFriedl
5,4303925
5,4303925
add a comment |
add a comment |
lLr,qw qMx1xRM,y1Znvb4lg8BC6NpFdZLHk7aoY0D95qE4,FD
2
Is your question how a random salt is stored? If you look at the output when you specify the salt (in your case
22446688
), you will see in the output that the salt is stored $6$ 22446688 $ _. In a similar fashion, the random salt is also stored in the output: _$6$ nLtu32Q.5ZtRwK9x $. So when a password is entered, it is hashed using the stored salt. But I suspect I misunderstood your question.– KevinO
Feb 19 at 3:23
Possibly related: why mkpasswd produces a different result every time it is called
– KevinO
Feb 19 at 3:27