Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 11 Oct 2013 19:45:54 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: otp-md5 format

On 2013-10-11 16:33, Dhiru Kholia wrote:
> On 10/11/13 at 09:47pm, Michael Samuel wrote:
>> Finally, I wanted advice on how the password file entry should look.
>> The natural way for s/key would be an OTP extended response, eg
>> "otp-md5 sa12345 99", followed by the OTP in either hex or words (I
>> think I'd just do hex). Since that seems unlike the rest of JtR, is
>> there any other suggestions?  The fields are: algorithm, salt,
>> sequence, otp.
>
> How about "$otp-md5$algorithm$salt$sequence$otp" ?
>
> $otp-md5$ is the FORMAT_TAG. Maybe we could just use "$otp$" as the
> FORMAT_TAG here?
>
> $ is the separator here and rest of the fields can be arranged according
> to your actual needs.

I see absolutely no reason to use '$' as separator nor prefix, we have 
no problem with using spaces. But there must be no ':' in the string. 
"otp-md5 sa12345 99" is just fine.

magnum


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ