crypt' mechanismcrypt' mechanismIt is fairly easy to recognize whether a particular password
string was created using the DES- or MD5-based hash function.
MD5 password strings always begin with the characters
`$1$'. DES password strings do not have
any particular identifying characteristics, but they are shorter
than MD5 passwords, and are coded in a 64-character alphabet
which does not include the `$' character, so a
relatively short string which doesn't begin with a dollar sign is
very likely a DES password.
Determining which library is being used on your system is fairly
easy for most programs, except for those like `init' which
are statically linked. (For those programs, the only way is to try
them on a known password and see if it works.) Programs which use
`crypt' are linked against `libcrypt', which for
each type of library is a symbolic link to the appropriate
implementation. For example, on a system using the DES versions:
$ cd /usr/lib
$ ls -l /usr/lib/libcrypt*
lrwxr-xr-x 1 bin bin 13 Sep 5 12:50 libcrypt.a -> libdescrypt.a
lrwxr-xr-x 1 bin bin 18 Sep 5 12:50 libcrypt.so.2.0 -> libdescrypt.so.2.0
lrwxr-xr-x 1 bin bin 15 Sep 5 12:50 libcrypt_p.a -> libdescrypt_p.a
On a system using the MD5-based libraries, the same links will be
present, but the target will be `libscrypt' rather than
`libdescrypt'.
crypt' mechanism