Security

What salts the password hash?

matt
Splunk Employee
Splunk Employee

What private key pairs are used to generate the hashed passwords in authentication.conf or the passwd file?

Tags (3)
1 Solution

jrodman
Splunk Employee
Splunk Employee

In splunk up to 4.1.2, splunk password hashing is applied to both ssl cert passwords and user login passwords. The mechanism is more of a cipher than a key pair.

The secret used in this cipher is stored in $SPLUNK_HOME/etc/auth/splunk.secret. Thus your stored password datums and this file must match.


After 4.1.2, the passwd file contains a traditional one-way hash of the password string, with salt, just as you would find in a linux or openbsd system. SSL cert passwords, and ldap bind passwords are still ciphered as before.

View solution in original post

jrodman
Splunk Employee
Splunk Employee

In splunk up to 4.1.2, splunk password hashing is applied to both ssl cert passwords and user login passwords. The mechanism is more of a cipher than a key pair.

The secret used in this cipher is stored in $SPLUNK_HOME/etc/auth/splunk.secret. Thus your stored password datums and this file must match.


After 4.1.2, the passwd file contains a traditional one-way hash of the password string, with salt, just as you would find in a linux or openbsd system. SSL cert passwords, and ldap bind passwords are still ciphered as before.

Get Updates on the Splunk Community!

Get ready to show some Splunk Certification swagger at .conf24!

Dive into the deep end of data by earning a Splunk Certification at .conf24. We're enticing you again this ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Now On-Demand Join us to learn more about how you can leverage Service Level Objectives (SLOs) and the new ...

Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...

We’ve streamlined the troubleshooting experience for database-related service issues by adding a database ...