Converting from DES passwords to MD5 and MD5 to DES


To change from DES to MD5:

  • Make note of any DES user passwords that exist on your system. MD5 cannot read DES passwords, so any DES passwords you have will have to be changed.

    # vi passwd

    You should see something similar to:

    root:$1$93CDf$EQWY0qV7WJ1HBwx3OhOwo/:0:0::0:0::/root:/bin/csh paul:$1$hZQd5kJY$dWKdu.A8O9HOr8Qz2.ck21:1000:20::0:0::/home/dan:/usr/local/bin/bash


  • MD5 passwords start with '$1$', DES passwords do not; MD5 password hashes are also longer.

    Once you make note of any users whose passwords will have to be changed, exit vi.


  • Check that your system is indeed using DES:

    # ls -l /usr/lib/libcrypt*
    lrwxr-xr-x 1 root wheel 11 Aug 15 16:48 /usr/lib/libcrypt.a -> libdescrypt.a
    lrwxr-xr-x 1 root wheel 12 Aug 15 16:49 /usr/lib/libcrypt.so -> libdescrypt.so
    lrwxr-xr-x 1 root wheel 14 Aug 15 16:49 /usr/lib/libcrypt.so.2 -> libdescrypt.so.2

    If your system is using DES, the links will point to libdescrypt.* (If not, the links will point to libscrypt.*).


  • Change the symbolic links to point to the MD5 libraries:

    # cd /usr/lib
    # ln -s libscrypt.a libcrypt.a
    # ln -s libscrypt.so libcrypt.so
    # ln -s libscrypt.so.2 libcrypt.so.2


  • Reboot the system:

    # init 6


  • When the system is back up, enter new passwords for the users who had DES passwords
passwd user

Changing from MD5 to DES:

  • Check that your system is indeed using MD5:

    # ls -l /usr/lib/libcrypt*
    lrwxr-xr-x 1 root wheel 11 Aug 15 16:48 /usr/lib/libcrypt.a -> libscrypt.a
    lrwxr-xr-x 1 root wheel 12 Aug 15 16:49 /usr/lib/libcrypt.so -> libscrypt.so
    lrwxr-xr-x 1 root wheel 14 Aug 15 16:49 /usr/lib/libcrypt.so.2 -> libscrypt.so.2

    If your system is using MD5, the links will point to libscrypt.* (If you are already using DES, the links will point to libdescrypt.*).


  • Change the symbolic links to point to the DES libraries:

    # cd /usr/lib
    # ln -s libdescrypt.a libcrypt.a
    # ln -s libdescrypt.so libcrypt.so
    # ln -s libdescrypt.so.2 libcrypt.so.2


  • Reboot the system:

    # init 6


  • When the system is back up, enter new passwords for the users who had DES passwords
passwd user
Posted by Paul Valentino

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)