how to generate bcrypt 2a variation hash instead of 2y?
Clash Royale CLAN TAG#URR8PPP
On my linux machine, I'm able to generate bcrypt hash from command line using htpassword
htpasswd -bnBC 10 "" password | tr -d ':n'
however it generates "$2y$" but I need "$2a$" (bcrypt 2a). How can I achieve it?
password hashsum
migrated from security.stackexchange.com Jan 26 at 21:38
This question came from our site for information security professionals.
add a comment |
On my linux machine, I'm able to generate bcrypt hash from command line using htpassword
htpasswd -bnBC 10 "" password | tr -d ':n'
however it generates "$2y$" but I need "$2a$" (bcrypt 2a). How can I achieve it?
password hashsum
migrated from security.stackexchange.com Jan 26 at 21:38
This question came from our site for information security professionals.
Related security.stackexchange.com/a/38796/78324
– Jeff Schaller
Jan 26 at 23:15
Fedora has e.g. theperl-Crypt-Eksblowfish
module that can generate these, will a little code
– thrig
Jan 27 at 0:21
add a comment |
On my linux machine, I'm able to generate bcrypt hash from command line using htpassword
htpasswd -bnBC 10 "" password | tr -d ':n'
however it generates "$2y$" but I need "$2a$" (bcrypt 2a). How can I achieve it?
password hashsum
On my linux machine, I'm able to generate bcrypt hash from command line using htpassword
htpasswd -bnBC 10 "" password | tr -d ':n'
however it generates "$2y$" but I need "$2a$" (bcrypt 2a). How can I achieve it?
password hashsum
password hashsum
edited Jan 26 at 21:46
Rui F Ribeiro
40.1k1479135
40.1k1479135
asked Jan 26 at 21:00
BatemanBateman
62
62
migrated from security.stackexchange.com Jan 26 at 21:38
This question came from our site for information security professionals.
migrated from security.stackexchange.com Jan 26 at 21:38
This question came from our site for information security professionals.
Related security.stackexchange.com/a/38796/78324
– Jeff Schaller
Jan 26 at 23:15
Fedora has e.g. theperl-Crypt-Eksblowfish
module that can generate these, will a little code
– thrig
Jan 27 at 0:21
add a comment |
Related security.stackexchange.com/a/38796/78324
– Jeff Schaller
Jan 26 at 23:15
Fedora has e.g. theperl-Crypt-Eksblowfish
module that can generate these, will a little code
– thrig
Jan 27 at 0:21
Related security.stackexchange.com/a/38796/78324
– Jeff Schaller
Jan 26 at 23:15
Related security.stackexchange.com/a/38796/78324
– Jeff Schaller
Jan 26 at 23:15
Fedora has e.g. the
perl-Crypt-Eksblowfish
module that can generate these, will a little code– thrig
Jan 27 at 0:21
Fedora has e.g. the
perl-Crypt-Eksblowfish
module that can generate these, will a little code– thrig
Jan 27 at 0:21
add a comment |
1 Answer
1
active
oldest
votes
You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.
In other words, you could probably literally replace the 2y with 2a, and it should work.
This StackOverflow answer goes into more detail:
There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
implementation correctly, they all output the same result.
All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish
. If you're working with any modern platform, the hash formats should now be interchangeable.
If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f496935%2fhow-to-generate-bcrypt-2a-variation-hash-instead-of-2y%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.
In other words, you could probably literally replace the 2y with 2a, and it should work.
This StackOverflow answer goes into more detail:
There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
implementation correctly, they all output the same result.
All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish
. If you're working with any modern platform, the hash formats should now be interchangeable.
If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.
add a comment |
You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.
In other words, you could probably literally replace the 2y with 2a, and it should work.
This StackOverflow answer goes into more detail:
There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
implementation correctly, they all output the same result.
All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish
. If you're working with any modern platform, the hash formats should now be interchangeable.
If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.
add a comment |
You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.
In other words, you could probably literally replace the 2y with 2a, and it should work.
This StackOverflow answer goes into more detail:
There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
implementation correctly, they all output the same result.
All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish
. If you're working with any modern platform, the hash formats should now be interchangeable.
If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.
You haven't mentioned your use case, but generally, if it's a modern htpasswd implementation, it's generating a $2a$-compatible hash (null-terminated, UTF-8 encoded), even though it's using $2y$ to label the variant.
In other words, you could probably literally replace the 2y with 2a, and it should work.
This StackOverflow answer goes into more detail:
There is no difference between 2a, 2x, 2y, and 2b. If you wrote your
implementation correctly, they all output the same result.
All of the pre-modern variants are rooted in buggy implementations - either in OpenBSD, or in PHP's crypt_blowfish
. If you're working with any modern platform, the hash formats should now be interchangeable.
If you actually need to generate one of the pre-modern (buggy) hashes, you'll have to find an implementation from before the bug was fixed.
edited Jan 27 at 0:44
answered Jan 27 at 0:38
Royce WilliamsRoyce Williams
735618
735618
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f496935%2fhow-to-generate-bcrypt-2a-variation-hash-instead-of-2y%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Related security.stackexchange.com/a/38796/78324
– Jeff Schaller
Jan 26 at 23:15
Fedora has e.g. the
perl-Crypt-Eksblowfish
module that can generate these, will a little code– thrig
Jan 27 at 0:21