Solved: Re: What salts the password hash?

matt · ‎01-15-2010

What private key pairs are used to generate the hashed passwords in authentication.conf or the passwd file?

jrodman · ‎01-15-2010

In splunk up to 4.1.2, splunk password hashing is applied to both ssl cert passwords and user login passwords. The mechanism is more of a cipher than a key pair.

The secret used in this cipher is stored in $SPLUNK_HOME/etc/auth/splunk.secret. Thus your stored password datums and this file must match.

After 4.1.2, the passwd file contains a traditional one-way hash of the password string, with salt, just as you would find in a linux or openbsd system. SSL cert passwords, and ldap bind passwords are still ciphered as before.

View solution in original post

jrodman · ‎01-15-2010

In splunk up to 4.1.2, splunk password hashing is applied to both ssl cert passwords and user login passwords. The mechanism is more of a cipher than a key pair.

The secret used in this cipher is stored in $SPLUNK_HOME/etc/auth/splunk.secret. Thus your stored password datums and this file must match.

After 4.1.2, the passwd file contains a traditional one-way hash of the password string, with salt, just as you would find in a linux or openbsd system. SSL cert passwords, and ldap bind passwords are still ciphered as before.

What salts the password hash?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Join the Conversation