Bug 428280 - No info on crypt(3) SHA-256/512 features
Summary: No info on crypt(3) SHA-256/512 features
Alias: None
Product: Fedora
Classification: Fedora
Component: man-pages   
(Show other bugs)
Version: 8
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Ivana Varekova
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2008-01-10 13:37 UTC by Alexander Todorov
Modified: 2008-07-28 07:40 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-01-14 10:44:39 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Alexander Todorov 2008-01-10 13:37:15 UTC
Description of problem:
The glibc package in Fedora 8 now has support for passwords using SHA256 and
SHA512 hashing. Before only DES and MD5 were available. The tools to create
passwords have not been extended yet, but if such passwords are created in
others ways, glibc will recognize and honor them.

In man crypt, NOTES, Glibc Notes it's documented how to use the MD5 and DES
implementations and how to distinguish between the two when reading encoded
passwords. No such info exists for the SHA-256/512 implementation.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. man crypt
Actual results:
No info on SHA-256/512 capabilities.

Expected results:
SHA capabilities should be described in the same way MD5 ones are described.

Additional info:

Comment 1 Alexander Todorov 2008-01-10 13:45:35 UTC
According to:

The integration into existing systems is easy if those systems already
support the MD5-based solution.  Ever since the introduction of the
MD5-based method an extended password format is in used:


If the password is not of this form it is an old-style DES-encrypted
password.  If the password has this form the ID identifies the method
used and this then determines how the rest of the password string is
interpreted.  So far the following ID values are in use:

     ID       |    Method
     1        |  MD5 (Linux, BSD)
     2a       |  Blowfish (OpenBSD)
     md5      |  Sun MD5

For the new SHA-256 and SHA-512 methods the following values are

     ID       |    Method
     5        |  SHA-256
     6        |  SHA-512

So $5$<SALT>$<PWD> is a SHA-256 encoded password and $6$<SALT>$<PWD> is a
SHA-512 encoded one. Please add this info in the manual page.

Comment 2 Ivana Varekova 2008-01-14 10:44:39 UTC
Thanks, fixed in man-pages-2.75-2.fc9.

Comment 3 Michael Kerrisk 2008-07-09 04:57:35 UTC

The fix that appears to have been made was to copy the above text, from a 
standards proposal, into the man page.  However, it is not clear if Linux 
systems even support all of these options -- did you check this?

As far as I can see:

2a Blowfish -- is not natively supported by glibc, but some distros patch in 
support (e.g. openSUSE; but does Fedora?)

md5 Sun MD5 -- is not natively supported by glibc.

5 - SHA-256
6 - SHA-512
Are supported by since glibc 2.7.

Can you confirm?

Comment 4 Ivana Varekova 2008-07-28 07:40:11 UTC
Ulrich Drepper's comment is:
"None of the other encryption (2a, md5) is supported.  It makes no sense
to support them.  I only added 5 and 6.  If you mention any other you
should say that the others are not generally available and should be
avoided.  Only SHA is based on technology sanctioned by NIST." so you are right
the man-page should be fixed.

Note You need to log in before you can comment on or make changes to this bug.