On 10-01-2007 at 03:46, Darryl Gregorash
wrote: On 2007-01-09 08:37, Dominique Leuenberger wrote: <snip> It's already bad if somebody get's so far in your computer, but if he did, you have small chances to protect this file (except HD encryption). One wonders, then, why bother to encrypt all the users' system passwords?
Ha.. that's easy... for shadow, there is either ssha or md5 used. Both are hashing algorithms, which are not reversable. This works in this case, as you do: Make user input a password Encrypt password Verify encrpted password with stored encrypted If they are the same, he very likely gave the wrong plain password. But in no way can you get from the hash to the password. For the case with .curlrc (as the OP mentions), the intent is to make curl use this password without the user typing it, so you need a reversable encryption. And there you go with the problem. So, not exactly the same use case. Dominique -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org