[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Hashed password behaviour

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Hashed password behaviour
From: Jacki M <jackiam2003@xxxxxxxxx>
Date: Sat, 14 Oct 2017 17:47:09 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 14 Oct 2017 20:52:23 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1508028681; bh=KAHqjWFRqu5HMW6lDHYMIEWV/CmnITffv6rp8/vhu0U=; h=From:Subject:Date:References:To:In-Reply-To:From:Subject; b=K3gQ2/fgMmpFam/nehavRirx9u0TVJDwt84j70Otgg39u7XVyqLGDg0YmixNDGEZ3hcG6RmjfDXBllkgsTfG3MnbFph9DHeUhGZ4Lim50r0g/5QERVFqPyWNEtQ2Qz3ducmHlhw7oLQ0na85qNEVF7xy8qpJPOIJkCzKeLcDm/Vhs39pwIagH+4YJjeadX31x+tvetwvo7cp5TcV4IrjLkC2gmJYN9d1xqhiTfPjDtwIr0FCze5WKdQLze03f/EIytyM8u496YekvrbRWxC+MDLl2VPmMdJqOcuSXKRZX7kkh9059ORAKGBCtLMQt0Tk0v5PGXiD0agvNAvl6Y1U1A==
In-reply-to: <1508027632.3892598.1139001208.0C6D3CAA@webmail.messagingengine.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays $exit, non-exit, bridge$" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <1508027632.3892598.1139001208.0C6D3CAA@webmail.messagingengine.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Here is an excerpt from the “Tor control protocol"

If the 'HashedControlPassword' option is set, it must contain the salted
  hash of a secret password.  The salted hash is computed according to the
  S2K algorithm in RFC 2440 (OpenPGP), and prefixed with the s2k specifier.
  This is then encoded in hexadecimal, prefixed by the indicator sequence
  "16:".  Thus, for example, the password 'foo' could encode to:
     16:660537E3E1CD49996044A3BF558097A981F539FEA2F9DA662B4626C1C2

On Oct 14, 2017, at 5:33 PM, Geoff Down <geoffdown@xxxxxxxxxxxx> wrote:

Hello all,
what sort of crazy bug would make Tor give different hashes for the same
password?

$ tor --hash-password hello
16:735E6FA5355D4146606AFE25B61B411DF419878C99705164D038FC99BC
$ tor --hash-password hello
16:8201E7D35BB8CACB60BF8947B49A3480BA1A17E77EDA8BE45790746884
$ tor --version
Tor version 0.3.1.7 (git-6babd3d9ba9318b3).

(on OSX 10.4).
GD
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Hashed password behaviour
  - From: Geoff Down

Prev by Author: Re: [tor-relays] atlas.cogentco.com Is blocking
Next by Author: Re: [tor-relays] "Removed 1565259696 bytes by killing 1 circuits"
Previous by thread: [tor-relays] Hashed password behaviour
Next by thread: Re: [tor-relays] Hashed password behaviour
Index(es):
- Author
- Thread