how to generate bcrypt 2a variation hash instead of 2y?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP












0















On my linux machine, I'm able to generate bcrypt hash from command line using htpassword



htpasswd -bnBC 10 "" password | tr -d ':n'


however it generates "$2y$" but I need "$2a$" (bcrypt 2a). How can I achieve it?










share|improve this question















migrated from security.stackexchange.com Jan 26 at 21:38


This question came from our site for information security professionals.


















  • Related security.stackexchange.com/a/38796/78324

    – Jeff Schaller
    Jan 26 at 23:15











  • Fedora has e.g. the perl-Crypt-Eksblowfish module that can generate these, will a little code

    – thrig
    Jan 27 at 0:21















0















On my linux machine, I'm able to generate bcrypt hash from command line using htpassword



htpasswd -bnBC 10 "" password | tr -d ':n'


however it generates "$2y$" but I need "$2a$" (bcrypt 2a). How can I achieve it?










share|improve this question















migrated from security.stackexchange.com Jan 26 at 21:38


This question came from our site for information security professionals.


















  • Related security.stackexchange.com/a/38796/78324

    – Jeff Schaller
    Jan 26 at 23:15











  • Fedora has e.g. the perl-Crypt-Eksblowfish module that can generate these, will a little code

    – thrig
    Jan 27 at 0:21













0












0








0








On my linux machine, I'm able to generate bcrypt hash from command line using htpassword



htpasswd -bnBC 10 "" password | tr -d ':n'


however it generates "$2y$" but I need "$2a$" (bcrypt 2a). How can I achieve it?










share|improve this question
















On my linux machine, I'm able to generate bcrypt hash from command line using htpassword



htpasswd -bnBC 10 "" password | tr -d ':n'


however it generates "$2y$" but I need "$2a$" (bcrypt 2a). How can I achieve it?







password hashsum






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 26 at 21:46









Rui F Ribeiro

40.1k1479135




40.1k1479135










asked Jan 26 at 21:00









BatemanBateman

62




62




migrated from security.stackexchange.com Jan 26 at 21:38


This question came from our site for information security professionals.









migrated from security.stackexchange.com Jan 26 at 21:38


This question came from our site for information security professionals.














  • Related security.stackexchange.com/a/38796/78324

    – Jeff Schaller
    Jan 26 at 23:15











  • Fedora has e.g. the perl-Crypt-Eksblowfish module that can generate these, will a little code

    – thrig
    Jan 27 at 0:21

















  • Related security.stackexchange.com/a/38796/78324

    – Jeff Schaller
    Jan 26 at 23:15











  • Fedora has e.g. the perl-Crypt-Eksblowfish module that can generate these, will a little code

    – thrig
    Jan 27 at 0:21
















Related security.stackexchange.com/a/38796/78324

– Jeff Schaller
Jan 26 at 23:15





Related security.stackexchange.com/a/38796/78324

– Jeff Schaller
Jan 26 at 23:15













Fedora has e.g. the perl-Crypt-Eksblowfish module that can generate these, will a little code

– thrig
Jan 27 at 0:21





Fedora has e.g. the perl-Crypt-Eksblowfish module that can generate these, will a little code

– thrig
Jan 27 at 0:21










1 Answer
1






active

oldest

votes


















1














You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.



In other words, you could probably literally replace the 2y with 2a, and it should work.



This StackOverflow answer goes into more detail:




There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
implementation correctly, they all output the same result.




All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish. If you're working with any modern platform, the hash formats should now be interchangeable.



If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.






share|improve this answer
























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f496935%2fhow-to-generate-bcrypt-2a-variation-hash-instead-of-2y%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.



    In other words, you could probably literally replace the 2y with 2a, and it should work.



    This StackOverflow answer goes into more detail:




    There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
    implementation correctly, they all output the same result.




    All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish. If you're working with any modern platform, the hash formats should now be interchangeable.



    If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.






    share|improve this answer





























      1














      You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.



      In other words, you could probably literally replace the 2y with 2a, and it should work.



      This StackOverflow answer goes into more detail:




      There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
      implementation correctly, they all output the same result.




      All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish. If you're working with any modern platform, the hash formats should now be interchangeable.



      If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.






      share|improve this answer



























        1












        1








        1







        You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.



        In other words, you could probably literally replace the 2y with 2a, and it should work.



        This StackOverflow answer goes into more detail:




        There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
        implementation correctly, they all output the same result.




        All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish. If you're working with any modern platform, the hash formats should now be interchangeable.



        If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.






        share|improve this answer















        You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.



        In other words, you could probably literally replace the 2y with 2a, and it should work.



        This StackOverflow answer goes into more detail:




        There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
        implementation correctly, they all output the same result.




        All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish. If you're working with any modern platform, the hash formats should now be interchangeable.



        If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Jan 27 at 0:44

























        answered Jan 27 at 0:38









        Royce WilliamsRoyce Williams

        735618




        735618



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f496935%2fhow-to-generate-bcrypt-2a-variation-hash-instead-of-2y%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown






            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?