[ale] crypt()

[Keith Manthey]

   I can only speak about the UFC 
implementation of the crypt routine, but the UFC implementation only operates on 
the first 8 bytes of the password.  Any password greater than 8 bytes will 
be truncated to 8 bytes and encrypted with a defined salt.
 
Keith
<A 
href="mailto:kmanthey at imperitek.com">kmanthey at imperitek.com
<BLOCKQUOTE dir=ltr 
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
  ----- Original Message ----- 
  <DIV 
  style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black">From: 
  Chris 
  Fowler 
  To: <A title=ale at ale.org 
  href="mailto:'ale at ale.org'">'ale at ale.org' 
  Sent: Thursday, March 29, 2001 9:18 
  AM
  Subject: [ale] crypt()
  
  I'm using the crypt function to check a users 
  passwd word against one in the /etc/passwd file.  For testing purposes, 
  the password is password.  I've noticed that when I issue any character 
  past 8 characters that
  the user enters at the password prompt gets ignored 
  by crypt().  I allow the user to enter a 32 character password so it they 
  enter password12345 they will be allowed access when password is the real 
  password.
  Has anyone else seen this? 
  Chris