Go to main content

man pages section 7: Standards, Environments, Macros, Character Sets, and Miscellany

Exit Print View

Updated: Wednesday, February 9, 2022
 
 

crypt_unix(7)

Name

crypt_unix - traditional UNIX crypt algorithm

Description

The crypt_unix algorithm is the traditional UNIX crypt algorithm. It is not considered sufficiently secure for current systems and is provided for backward compatibility. The crypt_sha512(7), crypt_sha256(7), or crypt_bsdbf(7) algorithm should be used instead.

The algorithm identifier for policy.conf(5) is __unix__. There is no entry in crypt.conf(5) for this algorithm.

The crypt_unix algorithm is internal to libc and provides the string encoding function used by crypt(3C) when the first character of the salt is not a "$".

This algorithm is based on a one-way encryption algorithm with variations intended (among other things) to frustrate use of hardware implementations of a key search. Only the first eight characters of the key passed to crypt() are used with this algorithm; the rest are silently ignored. The salt is a two-character string chosen from the set [a-zA-Z0-9./]. This string is used to perturb the hashing algorithm in one of 4096 different ways.

The maximum password length for crypt_unix is 8 characters.

Usage

The return value of the crypt_unix algorithm might not be portable among standard-conforming systems. See standards(7).

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/library
Interface Stability
Committed

See Also

passwd(1), crypt_gensalt(3C), getpassphrase(3C), crypt(3C), crypt_genhash_impl(3C), crypt_gensalt_impl(3C), crypt.conf(5), passwd(5), policy.conf(5), attributes(7), crypt_bsdbf(7), crypt_sha256(7), crypt_sha512(7), standards(7)

History

This algorithm has been included in all releases of SunOS and Solaris. It was the only algorithm supported by the crypt() function until support for pluggable crypt modules was added to Solaris in Solaris 9 12/02 (Update 2). It was the CRYPT_DEFAULT setting in policy.conf before Solaris 11.0.