diff -up man-pages-2.75/man3/crypt.3.pom man-pages-2.75/man3/crypt.3 --- man-pages-2.75/man3/crypt.3.pom 2008-01-03 17:07:29.000000000 +0100 +++ man-pages-2.75/man3/crypt.3 2008-01-14 11:04:42.000000000 +0100 @@ -141,22 +141,59 @@ function was not implemented, probably b SVr4, 4.3BSD, POSIX.1-2001 .SH NOTES .SS Glibc Notes -The glibc2 version of this function has the following additional features. +The glibc2 version of this function has the following additional features: + If .I salt -is a character string starting with the three characters "$1$" -followed by at most eight characters, and optionally terminated by "$", -then instead of using the DES machine, the glibc crypt function -uses an MD5-based algorithm, and outputs up to 34 bytes, -namely "$1$$", where -"" stands for the up to 8 characters following "$1$" in the salt, -and "" is a further 22 characters. -The characters in "" and "" are drawn from the set +is a character string starting with the three characters "$$" +followed by a string terminated by "$", + +$$$ + +then instead of using the DES machine, ID identifies the method used and +this then determines how the rest of the password string is +interpreted. So far the following ID values are in use: + +.TS +l l. +ID | Method +_ +1 | MD5 (Linux, BSD) +2a | Blowfish (OpenBSD) +md5 | Sun MD5 +.TE + +For the new SHA-256 and SHA-512 methods the following values are +selected: + +.TS +l l. +ID | Method +_ +5 | SHA-256 +6 | SHA-512 +.TE + +So $5$$ is a SHA-256 encoded password and $6$$ is a +SHA-512 encoded one. + +"" stands for the up to 16 characters following "$ID$" in the salt. +The pwd part of the password string is the actual computed password. +The size of this string is fixed: + +.TS +l l. +MD5 | 22 characters +SHA-256 | 43 characters +SHA-512 | 86 characters +.TE + +The characters in "" and "" are drawn from the set [\fBa\fP\(en\fBzA\fP\(en\fBZ0\fP\(en\fB9./\fP]. -The entire +In SHA implementation the entire .I key is significant here (instead of only the first -8 bytes). +8 bytes in MD5). .SH "SEE ALSO" .BR login (1), .BR passwd (1),