On Fri, Aug 15, 2014 at 12:49:03PM +0100, Miroslaw Baran wrote:
How do you encode your random salt?
In the example I gave, my salt was the actual string 'random_salt', right from the example in the URL. Comments on the thread to that example make it clear you should actually use a random salt, and I've found pleny of examples that purport to generate one. By eye, 'random_salt' matches the regex you suggest.
But, I obviously could be quite wrong with such assertions.
SHA-512 password hash as used in glibc crypt() implementation requires the salt be a random string containing up to 16 characters drawn from the set [a-zA-Z0-9./]. I'm using something like this to generate the salt (and hope for the best):
I'll give this a shot, and report back; thanks for the feedback!
Works quite well with our LDAP boxes.
Best regards, ??? Miroslaw Baran