Menu
I'm trying to hash an inputted password using the OpenSSL passwd command and compare it to the stored hash, but the hash function is not consistent. The hash generated the first time around is not the same hash that is being generated when I go to compare the input. Note the 3 different results each time I perform the hash:
caseys-air:~ Casey$ openssl passwd -1 MySecret
$1$AlHYrEQp$.c7UTqHiReGXfmNtXOY/T0
caseys-air:~ Casey$ openssl passwd -1 MySecret
$1$6BPglDOg$8KHb5e7ZryYPfYP0Zm8Ra/
caseys-air:~ Casey$ openssl passwd -1 MySecret
$1$vmQtjpWw$yIi6sZt.3XAP7W3e7hBG11
What's going on here? Is the system time being used in creating the hash? How can I get consistent hashes?
349
Each time you call that command, it generates a new salt and encrypts with that salt. Format is $1$<salt>$<data> for an MD5.
To generate an equivalent value for comparison, you must tell OpenSSL to use the same salt.
First, split the existing string by $. In your first string, salt is AlHYrEQp.
Then:
openssl passwd -1 -salt AlHYrEQp MySecret
I get:
[me@foo ~]$ openssl passwd -1 -salt AlHYrEQp MySecret
$1$AlHYrEQp$.c7UTqHiReGXfmNtXOY/T0
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
