Salted SHA512
Nathan Ward
lists+freeradius at daork.net
Thu Sep 8 07:25:38 CEST 2016
(List admin, please ignore the large message waiting for moderation)
> On 8/09/2016, at 13:16, Laurens Vets <laurens at daemon.be <mailto:laurens at daemon.be>> wrote:
>
> Sorry to bother the list again, but it still doesn't work. I've put '0x' in front of that string and I still get a byte error message. See debug #1 below.
>
> Most likely, I'm doing something completely wrong, so here's my full password generating method:
>
> root at server:~# perl ssha2passwd.pl -l 512 -saltlen 8 laurens7
> oiaYnKzLDNazrhlH95szGQkh0eSQzBd8lFWK6lOEqbVV9S1gdhNIbUvEU0esQsgkFsIE7GYsYZl7pzN3aq3sQKibKTo9EUWk
> root at server:~#
>
> MariaDB [radius]> UPDATE radcheck SET value='0xoiaYnKzLDNazrhlH95szGQkh0eSQzBd8lFWK6lOEqbVV9S1gdhNIbUvEU0esQsgkFsIE7GYsYZl7pzN3aq3sQKibKTo9EUWk' WHERE id=5;
> Query OK, 1 row affected (0.13 sec)
> Rows matched: 1 Changed: 1 Warnings: 0
>
Put 0x in front of hex strings. If it is not a hex string, don’t put 0x in front of it. The output of ssha2passwd.pl is not a hex string.
Please look at the logs and see if these are things you can resolve yourself:
(1) sql: ERROR: Error parsing value: Invalid hex data
Alan was saying that the “a6183fa9bbd706c6731acf41e9218c9ab94867b4b337e3d6fad29027a566a57e914fc4c82a7c5fe7fb7b1945f59c8c37151deb0f7ef5cd3aab5” etc. string is hex, so it should have an 0x in front of it. The string you get out of ssha2passwd.pl should not have an 0x in front of it as it is not hex.
If you want, you could probably encode the output of ssha2passwd.pl as hex, and put an 0x in front of it.
--
Nathan Ward
More information about the Freeradius-Users
mailing list