[rt-users] Password Encryption Used By RT

Rick Bradley rt-users at rickbradley.com
Fri Nov 8 11:41:39 EST 2002


* John Gedeon (jgedeon at qualcomm.com) [021108 10:32]:
> I am evaluating the RT system and noticed that the passwords stored in the 
> database are encrypted (good job i wasn't expecting that :) ) but I was 
> wondering what algorithm was used. I hope its the same as unix based 
> passwords I am hoping to be able to add the functionality that all users in 
> RT that get greated by them sending in a request will have their unix 
> password (and id which is usually their email address as well) be their rt 
> pass. the easyiest way would ofcourse be cut encrypted pass from passfile 
> and paste into rt user table, but I wanted to make sure the encryption was 
> the same....

The passwords are encrypted with crypt().  This is common for Unix
passwords, but not necessarily identical with what a particular system
uses.  Many newer systems will use md5 login passwords which look a bit
different, function similarly, and use a completely different hashing
algorithm than crypt.

It is straightforward to mix and match crypt() and md5() password within
the same password file/database where supported, but I'm not aware that
RT has this capability (yet).

In short, if your system uses crypt() passwords then you should be able
to cut and paste from the passwd file, otherwise no.

Rick
-- 
 http://www.rickbradley.com    MUPRN: 60    (59F/56F)
                       |  mean if anyone
   random email haiku  |  knew me that well I'd have to
                       |  fall in love with them.



More information about the rt-users mailing list