What is the primary purpose of the crypt(3) library on UNIX-like systems?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

What is the primary purpose of the crypt(3) library on UNIX-like systems?

Explanation:
The crypt(3) library is designed to produce password representations (hashes) for storage and later verification. It takes a plaintext password and a salt, runs it through a hashing algorithm, and returns a hashed string that can be stored in the system’s password database. When a user logs in, the system re-hashes the entered password with the same salt and compares it to the stored hash to verify the credentials. This is a one-way transformation, meaning you don’t recover the original password from the hash. This differs from encrypting file contents (encryption is reversible with a key), from managing user accounts, or from providing network authentication by itself. crypt(3) supports multiple hash algorithms (DES-based, MD5-based, Blowfish, etc.) and encodes the chosen algorithm and salt into the stored representation, enabling proper verification across updates to hashing schemes.

The crypt(3) library is designed to produce password representations (hashes) for storage and later verification. It takes a plaintext password and a salt, runs it through a hashing algorithm, and returns a hashed string that can be stored in the system’s password database. When a user logs in, the system re-hashes the entered password with the same salt and compares it to the stored hash to verify the credentials. This is a one-way transformation, meaning you don’t recover the original password from the hash.

This differs from encrypting file contents (encryption is reversible with a key), from managing user accounts, or from providing network authentication by itself. crypt(3) supports multiple hash algorithms (DES-based, MD5-based, Blowfish, etc.) and encodes the chosen algorithm and salt into the stored representation, enabling proper verification across updates to hashing schemes.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy