CRYPT_SUNMD5(7) Standards, Environments, and Macros CRYPT_SUNMD5(7)

NAME


crypt_sunmd5 - password hashing module using MD5 message hash algorithm

SYNOPSIS


/usr/lib/security/$ISA/crypt_sunmd5.so


DESCRIPTION


The crypt_sunmd5 module is a one-way password hashing module for use with
crypt(3C) that uses the MD5 message hash algorithm. The algorithm
identifier for crypt.conf(5) and policy.conf(5) is md5.


This module is designed to make it difficult to crack passwords that use
brute force attacks based on high speed MD5 implementations that use code
inlining, unrolled loops, and table lookup.


The maximum password length for crypt_sunmd5 is 255 characters.


The following options can be passed to the module by means of
crypt.conf(5):

rounds=<positive_number>
Specifies the number of additional rounds of
MD5 to use in generation of the salt; the
default number of rounds is 4096. Negative
values have no effect and are ignored, that
is, the number of rounds cannot be lowered
below 4096.

The number of additional rounds is stored in
the salt string returned by
crypt_gensalt(3C). For example:

$md5,rounds=1000$nlxmTTpz$

When crypt_gensalt(3C) is being used to
generate a new salt, if the number of
additional rounds configured in crypt.conf(5)
is greater than that in the old salt, the
value from crypt.conf(5) is used instead.
This allows for migration to stronger (but
more time-consuming) salts on password
change.


ATTRIBUTES


See attributes(7) for descriptions of the following attributes:


+---------------+-----------------+
|ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+---------------+-----------------+
|MT-Level | Safe |
+---------------+-----------------+

SEE ALSO


passwd(1), crypt(3C), crypt_genhash_impl(3C), crypt_gensalt(3C),
crypt_gensalt_impl(3C), getpassphrase(3C), crypt.conf(5), passwd(5),
policy.conf(5), attributes(7)

illumos December 23, 2003 CRYPT_SUNMD5(7)