There's a perl module Crypt::Blowfish, that might be of help for you.
Helmut
--
-------------------------------------------------------------------------
Helmut Lichtenberg <Helmut.Li...@fli.bund.de> Tel.: 05034/871-128
Institut für Nutztiergenetik (FLI) 31535 Neustadt Germany
-------------------------------------------------------------------------
Blowfish? I've never heard of anyone using that for passwords.
Standard Linux IME is md5.
mkpasswd *is* in fact the standard tool for this purpose, and it can
produce a variety of formats:
$ mkpasswd -m help
Available methods:
des standard 56 bit DES-based crypt(3)
md5 MD5
sha-256 SHA-256
sha-512 SHA-512
-Robin
--
They say: "The first AIs will be built by the military as weapons."
And I'm thinking: "Does it even occur to you to try for something
other than the default outcome?" -- http://shorl.com/tydruhedufogre
http://www.digitalkingdom.org/~rlpowell/ *** http://www.lojban.org/
> Isn't Blowfish an encryption algorithm?
>
> Passwords are based on one-way hashes such as SHA, or MD5.
>
> Perhaps there is a mode for Blowfish for which I am not familiar, but
> I think that you're looking for something that doesn't exist.
OpenBSD people implemented a blowfish password hashing code. Code for
ruby is contained in the bcrypt gem.
cheers Pete
> Interesting, this still seems...odd, but it should work, though I'm
> still skeptical of using a cipher versus a true one-way hash.
The normal Unix crypt(3) method uses a variant of DES to make a one-way
hash. Basically, you use the password as the key to encrypt a constant
string. That's been used for 30 years or so, and the only real weakness
I can recall hearing about it is that the key is too short (8 characters,
and if you use anything longer, only the 8 first characters are used).
/Bellman