What salts the password hash?

1	What private key pairs are used to generate the hashed passwords in authentication.conf or the passwd file? security user auth asked 15 Jan '10, 21:56 matt ♦♦ 3.1k●2●4●27 accept rate: 82%

One Answer:

oldest newest most voted

In splunk up to 4.1.2, splunk password hashing is applied to both ssl cert passwords and user login passwords. The mechanism is more of a cipher than a key pair.

The secret used in this cipher is stored in $SPLUNK_HOME/etc/auth/splunk.secret. Thus your stored password datums and this file must match.

After 4.1.2, the passwd file contains a traditional one-way hash of the password string, with salt, just as you would find in a linux or openbsd system. SSL cert passwords, and ldap bind passwords are still ciphered as before.

link

answered 15 Jan '10, 22:32

jrodman ♦
5.8k●2●5●15
accept rate: 42%

edited 31 Dec '10, 16:49

Post your answer

toggle preview

Follow this question

Email:

RSS:

Answers

Answers + Comments

Markdown Basics

*italic* or _italic_
**bold** or __bold__
link:[text](http://url.com/ "Title")
image?![alt text](/path/img.jpg "Title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Tags:

security ×100
user ×58
auth ×25

Asked: 15 Jan '10, 21:56

Seen: 842 times

Last updated: 31 Dec '10, 16:49

What salts the password hash?

Follow this question

Splunk Resources

Related questions