different hash length in /etc/shadow

Question

Here is the output of /etc/shadow for two different users stored on the system:

usr1:$1$zgKwt6aQ$gXxsMLgcxa/u6rmq5QseP.:14307:0:99999:7:::
usr2:$6$9Bh5mQ5t$VY64eVcILqgXIC1EFPJ.f3tDVrsSf4y1Th6dleFN2FcuUJQUGevVXILySNfQlDNVWBQXCHaja1hyms.mVeDOY/:14839:0:99999:7:::

Question being, why do these passwd hashes (both working) have different length?

gm3dmo · Accepted Answer · 2011-03-26T09:51:33.973

5

usr1 is using a md5 hash indicated by $1 and usr2 using sha512 hash indicated by $6.

Use authconfig --test | grep hashing to see what method is in force now.

The reason why is probably that the usr2 user got added after an OS upgrade where the default algorithm changed from MD5 to SHA512.

See this link for a bit of background:

http://www.akkadia.org/drepper/SHA-crypt.txt

See cakemox's answer below for all the possible values.

edited Mar 26 '11 at 09:51

answered Mar 26 '11 at 09:45

gm3dmo

9,632
1
40
35

If not on a Redhat based distro, how to see the method? – Fish Monitor Mar 30 '11 at 15:34

score 3 · Answer 2 · answered Mar 26 '11 at 09:46

3

They are hashes made using a different algorithm for each user. The $1$ and the $6$ prefixes tell you which hash is being used:

$1$ - md5
$2$ - bcrypt
$2a$ - eksblowfish
$5$ - sha-256
$6$ - sha-512

answered Mar 26 '11 at 09:46

Cakemox

24,141
6
41
67

score 1 · Answer 3 · answered Mar 26 '11 at 09:45

1

There is magic string in the beginning of hash, defining hash format: $number$.

answered Mar 26 '11 at 09:45

Olli

768
6
16

different hash length in /etc/shadow

3 Answers3