unix-crypt creates and checks passwords that you'd normally find in an /etc/shadow file on your UNIX box.
It's written entirely in Ruby and has no external dependencies.
DES passwords (the standard 13 character password with a 2 character salt)
MD5 passwords (starting with $1$)
SHA256 passwords (starting with $5$)
SHA512 passwords (starting with $6$)
This library is compatible with Ruby 1.8.7 and above. Tested on Ruby 2.0.0p353.
gem install unix-crypt
Using the command line tool
An executable named mkunixcrypt allows you to generate passwords from the command line.
Usage: mkunixcrypt [options] Encrypts password using the unix-crypt gem Options: -h, --hash [HASH] Set hash algorithm [SHA512 (default), SHA256, MD5, DES] -p, --password [PASSWORD] Provide password on command line (insecure!) -s, --salt [SALT] Provide hash salt -r, --rounds [ROUNDS] Set number of hashing rounds (SHA256/SHA512 only) --help Show this message -v, --version Show version
Using the library
You can either validate a password of any type matches its hash:
>> require 'unix_crypt' => true >> UnixCrypt.valid?("Hello world!", "$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5") => true
Or you can generate a new hash, given a password and salt:
>> UnixCrypt::SHA256.build("Hello world!", "saltstring") => "$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5"
If a salt is not specified, one will be generated using random data:
>> UnixCrypt::SHA256.build("Hello world!") => "$5$v.fjb6lucDCZKjcf$90gzpr9HYo0eAeaN8rubElJdUUOcVYjTnGePBRvCgt1"
There are four classes you can use, depending on which hashing algorithm you'd like:
UnixCrypt::DES UnixCrypt::MD5 UnixCrypt::SHA256 UnixCrypt::SHA512
Licensed under the BSD license. See LICENSE file for details.
Roger Nesbitt (firstname.lastname@example.org)
Patrick Wyatt (email@example.com)