0

I had created two users on Linux with the same exact passwords, but when I looked at the /etc/shadow file, I found that the hashed values look different, although the salt file is the same. (Please see below, j9T is the salt). Why the hashed passwords are NOT similar, although the slat and password are similar?

# tail /etc/shadow Bob:$y$**j9T**$ewJ0HB756BZDnPjx7zzbm0$i39AKrfuQuvvoQJpujwWd7Z4bcZgN1l0IWeJsNmLzg7:19254:0:99999:7::: Bob:$y$**j9T**$pFF5c93UZvdFYD2nanxEO.$SMhaxtPUPEUZdZZx.b1tGmjXgM67nqBJgMk2sNP.5s4:19254:0:99999:7:::
Improve this question
1
  • similar does not mean same specifically Commented Sep 19, 2022 at 22:18

1 Answer 1

Reset to default
2

The second field (j9T) is not the salt, it's the param (hash complexity parameter). You could read more information about the format of the hash here and here

You salt is actually the third field, and you can see it's different.

The actual hash is the fourth field.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.