VMware Cloud Community
smackthat
Enthusiast
Enthusiast
‎02-14-2011 03:37 PM

Encrytped/iscrypted Password for ks.cfg

I am not understanding the difference between encrypted passwords used to set up a scripted install.  If I use an MD5SUM generator (or echo -n "password" |md5sum), the password is different than that which I can find encrypted within a manually installed ESX's /etc/shadow.  Say I do a manual install and enter a pwd which I can view encrypted, those characters arent even close to the characters via an md5sum generator.

I expect to find and something like:   $1$3XgYyJQ1$OGev1uCl4YgWvS.0THK4r0

With an md5sum I get something like:  029647b9c5d5940d1f0a2d56e44b7e04

I have added the md5sum version to scripts and it doesnt work, but if I start a manual build, use a new password, retrieve it as a $1$3... variant (obviously even those characters might change with diff words) it always works.  So, how can I quickly generate new encrypted pwds to match the $1$3xxxxxxxxxxxx variant?  Is there a utility?  What is the difference?  Thanks in advance for any help and clarification!

0 Kudos
2 Replies
mcowger
Immortal
Immortal
‎02-14-2011 03:48 PM

There's a salt added as part of that function:

http://en.wikipedia.org/wiki/Salt_(cryptography)

--Matt VCDX #52 blog.cowger.us
0 Kudos
smackthat
Enthusiast
Enthusiast
‎02-14-2011 04:28 PM

Hi Matt-  So I'm guessing the 'salted' version is the format without the strings ($) and is what doesnt work for me when in a ks.cfg.  If I copy the salted version manually from an ESX install and use it in my ks.cfg, it works, the password is as expected.  If I use an 'unsalted' from md5sum gen, it wont work.  Any tips?

0 Kudos