What does '*' symbol in /etc/passwd mean?

-=Runaway Daemon=- frechett at spot.Colorado.EDU
Fri Jun 14 15:19:58 AEST 1991


In article <1991Jun14.002427.6120 at csc.canberra.edu.au> rvp at softserver.canberra.edu.au (Rey Paulo) writes:

I just recently spent a significant amount of time figuring out why crypt 
does what it does and I believe I can add a bit here.
>
>The reason why '*' is used to lock login is because '*' is not in the 
>encrypted alphabet of the crypt algorithm.  Hence, it is impossible for
>the encryption program to generate a string with a '*'.

There is a bit more to it than just the fact that * is not in the encryption 
character set (which is true).  Valid characters are [a-zA-Z/.].  But if 
I were to use any string in /etc/passwd with a length != 13 bytes it 
will be invalid.  The nuts at work commonly use 
name:PASSWD GOES HERE:etc:etc:etc.... .  This string cannot possibly be 
generated by crypt(3) and this is why.  In the internals of crypt(3) it takes
as input a 10 byte word and 2 bytes of salt.  The salt is generally chosen 
randomly and it consists of two of the characters from the valid characters 
mentioned above.  The salt chooses 1 of 4096 different slight modifications in 
the standard DES encryption scheme.  The word and salt are fed in and crypt(3)
outputs the salt as the first two characters of the encrypted passwd and then 
11 more bytes of truly encrypted data.  For fun.. look at the string in 
/etc/passwd that is your encrypted passwd, change it.. then change it back. 
Look again at the string; it will be different due to a new randomly chosen
salt.  

Also, crypt(3) is not decryptable in that once you have an encrypted word 
there is no way to return the original string.  The only way to  decrypt
is actually to encrypt a guess and compare with what you already have. 
An example:
(>=+=>crypt.pl
Enter <key> <salt>  =>blueish aB
Crypt is: aB6YSC2UZBGII                       Note aB is in encryption 
Enter <key> <salt>  =>blueish Z.
Crypt is: Z.0iioX3H3zoo
Enter <key> <salt>  =>blueish Z.0iioX3H3zoo   and this is why.. This is how 
			      ^^^^^^^^^^^^^   login checks your passwd.
	You would take this from /etc/passwd
Crypt is: Z.0iioX3H3zoo                       

Two more notes.. 
1. I say crypt(3) because crypt(1) is totally different.
2. crypt(3) is purposely designed to take a HUGE portion of CPU when encrypting
   which makes passwd cracking very slow and fairly visible.  If I just run one
   guess through every line of the /etc/passwd file on my DEC5500 (about 28 
   Mips) it hangs about every 5 seconds for up to 20 seconds.. The machine
   just can't afford to keep the process in memory all the time.


>
>-- 
>Rey V. Paulo                  | Internet:  rvp at csc.canberra.edu.au 
>University of Canberra        | I am not bound to please thee with my answer. 
>AUSTRALIA                     |         -Shylock, in "The Merchant of Venice" 
>------------------------------+----------------------------------------------


	ian

-=Runaway Daemon=-        (UNIXOPS University of Colorado at Boulder)
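
An added example, not part of the original post: a small Python audit that applies the reasoning above to passwd-format text, flagging password fields that crypt(3) could never output (wrong length or characters outside its alphabet) and empty fields. It assumes the full traditional crypt(3) alphabet `./0-9A-Za-z` (digits appear in the hashes shown in the post); the sample file and the function names are constructed for illustration.

```python
import string

# Alphabet traditional DES crypt(3) uses for both salt and hash characters.
CRYPT_ALPHABET = set("./" + string.digits + string.ascii_letters)
CRYPT_LEN = 13  # 2 salt characters + 11 hash characters


def classify_field(field):
    """Return (status, detail) for one /etc/passwd password field."""
    if field == "":
        return ("empty", "no password required")
    if len(field) != CRYPT_LEN:
        # crypt(3) always emits 13 characters, so this can never match.
        return ("locked", "length %d != %d" % (len(field), CRYPT_LEN))
    bad = sorted(set(field) - CRYPT_ALPHABET)
    if bad:
        return ("locked", "characters outside crypt alphabet: %r" % "".join(bad))
    return ("hash", "salt=%s" % field[:2])


def audit_passwd(text):
    """Classify every account in passwd-format text: {name: (status, detail)}."""
    report = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(":")
        if len(parts) != 7:
            report["<line %d>" % lineno] = ("malformed", "%d fields" % len(parts))
            continue
        report[parts[0]] = classify_field(parts[1])
    return report


# Constructed sample; the hash for "ian" is the one shown in the post.
SAMPLE = """\
root:*:0:0:root:/:/bin/sh
ian:Z.0iioX3H3zoo:101:10:Ian:/home/ian:/bin/csh
nuts:PASSWD GOES HERE:102:10:Nuts:/home/nuts:/bin/sh
guest::103:10:Guest:/home/guest:/bin/sh
odd:Z.0iioX3H3zo*:104:10:Odd:/home/odd:/bin/sh
broken:line
"""

if __name__ == "__main__":
    for name, (status, detail) in audit_passwd(SAMPLE).items():
        print("%-10s %-9s %s" % (name, status, detail))
```
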


