Security

What salts the password hash?

matt
Splunk Employee
Splunk Employee

What private key pairs are used to generate the hashed passwords in authentication.conf or the passwd file?

Tags (3)
1 Solution

jrodman
Splunk Employee
Splunk Employee

In splunk up to 4.1.2, splunk password hashing is applied to both ssl cert passwords and user login passwords. The mechanism is more of a cipher than a key pair.

The secret used in this cipher is stored in $SPLUNK_HOME/etc/auth/splunk.secret. Thus your stored password datums and this file must match.


After 4.1.2, the passwd file contains a traditional one-way hash of the password string, with salt, just as you would find in a linux or openbsd system. SSL cert passwords, and ldap bind passwords are still ciphered as before.

View solution in original post

jrodman
Splunk Employee
Splunk Employee

In splunk up to 4.1.2, splunk password hashing is applied to both ssl cert passwords and user login passwords. The mechanism is more of a cipher than a key pair.

The secret used in this cipher is stored in $SPLUNK_HOME/etc/auth/splunk.secret. Thus your stored password datums and this file must match.


After 4.1.2, the passwd file contains a traditional one-way hash of the password string, with salt, just as you would find in a linux or openbsd system. SSL cert passwords, and ldap bind passwords are still ciphered as before.

Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Splunk is officially part of Cisco

Revolutionizing how our customers build resilience across their entire digital footprint.   Splunk ...

Splunk APM & RUM | Planned Maintenance March 26 - March 28, 2024

There will be planned maintenance for Splunk APM and RUM between March 26, 2024 and March 28, 2024 as ...