I was reading the Wikipedia article on the shadow file and it mentioned the format of the lines is like this:
$id$salt$hashed
So, my question is, how does it work?
I tried to calcualte the hash for my own account to which I had the password so I used this command:
sha512sum
{salt}+{my_clear_text_password}
But the output is different from the hash I see for myself. So how does it work? What am I missing?
Best Answer
A couple of things to think about (you'll have to read the sources in the Linux coreutils and glibc2 to confirm)
The output of sha512sum appears to be printable hex notation whereas the output stored in the shadow file appears to be base64 so they will be different.
I think that the sha512sum in the shadow file has been passed through the hash function more than once (
#define ROUNDS_DEFAULT 5000
) whereas the sha512sum just passes the 'file' through the hash once.There may be padding added by one or both commands to align the data it may be different.