NetBSD 10 uses argon2id to hash passwords, not bcrypt, yescrypt or sha512, mind you

Password hashing on NetBSD differs from FreeBSD and OpenBSD.

NetBSD 10 hashes passwords with argon2id and stores the hashes in /etc/master.passwd.

In general, the BSD family (FreeBSD, OpenBSD, NetBSD) keeps password hashes in /etc/master.passwd, while the Linux family (Red Hat, Ubuntu, Debian, SUSE, Alpine) keeps them in /etc/shadow.

Indeed, we have:

The dmesg command, which shows the NetBSD boot messages, reports NetBSD 10:
# dmesg | head
[   1.000000] Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003,
[   1.000000]   2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013,
[   1.000000]   2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023,
[   1.000000]   2024
[   1.000000]   The NetBSD Foundation, Inc. All rights reserved.
[   1.000000] Copyright (c) 1982, 1986, 1989, 1991, 1993
[   1.000000]   The Regents of the University of California. All rights reserved.

[   1.000000] NetBSD 10.0 (GENERIC) #0: Thu Mar 28 08:33:33 UTC 2024
[   1.000000]     mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC

The uname command, which shows the NetBSD kernel information, reports NetBSD 10:
nbsd# uname -a
NetBSD nbsd 10.0 NetBSD 10.0 (GENERIC) #0: Thu Mar 28 08:33:33 UTC 2024 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64

Passwords hashed with Argon2id on NetBSD are stored in /etc/master.passwd:
nbsd# cat /etc/master.passwd
root:$argon2id$v=19$m=4096,t=29,p=1$1xZwg2gmILLy2z0/$tBQBxzG0U+djcg3T8EH9Ux4OTKemIUbtcM0sn2+OeLQ:0:0::0:0:Charlie &:/root:/bin/sh
toor:*:0:0::0:0:Bourne-again Superuser:/root:/rescue/sh
daemon:*:1:1::0:0:The devil himself:/:/sbin/nologin
operator:*:2:5::0:0:System &:/usr/guest/operator:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/sbin/nologin
games:*:7:13::0:0:& pseudo-user:/usr/games:/sbin/nologin
postfix:*:12:12::0:0:& pseudo-user:/var/spool/postfix:/sbin/nologin
named:*:14:14::0:0:& pseudo-user:/var/chroot/named:/sbin/nologin
ntpd:*:15:15::0:0:& pseudo-user:/var/chroot/ntpd:/sbin/nologin
sshd:*:16:16::0:0:& pseudo-user:/var/chroot/sshd:/sbin/nologin
_pflogd:*:18:18::0:0:& pseudo-user:/var/chroot/pflogd:/sbin/nologin
_rwhod:*:19:19::0:0:& pseudo-user:/var/rwho:/sbin/nologin
_proxy:*:21:21::0:0:Proxy Services:/nonexistent:/sbin/nologin
_timedc:*:22:22::0:0:& pseudo-user:/nonexistent:/sbin/nologin
_sdpd:*:23:23::0:0:& pseudo-user:/nonexistent:/sbin/nologin
_httpd:*:24:24::0:0:& pseudo-user:/var/www:/sbin/nologin
_mdnsd:*:25:25::0:0:& pseudo-user:/nonexistent:/sbin/nologin
_tests:*:26:26::0:0:& pseudo-user:/nonexistent:/sbin/nologin
_tcpdump:*:27:27::0:0:& pseudo-user:/var/chroot/tcpdump:/sbin/nologin
_tss:*:28:28::0:0:& pseudo-user:/var/tpm:/sbin/nologin
_rtadvd:*:30:30::0:0:& pseudo-user:/var/chroot/rtadvd:/sbin/nologin
_unbound:*:32:32::0:0:& pseudo-user:/var/chroot/unbound:/sbin/nologin
_nsd:*:33:33::0:0:& pseudo-user:/var/chroot/nsd:/sbin/nologin
_dhcpcd:*:35:35::0:0:& pseudo-user:/var/chroot/dhcpcd:/sbin/nologin
uucp:*:66:1::0:0:UNIX-to-UNIX Copy:/nonexistent:/sbin/nologin
nobody:*:32767:39::0:0:Unprivileged user:/nonexistent:/sbin/nologin

/etc/passwd.conf is the file that specifies the password hashing algorithm for NetBSD 10.

/etc/passwd is the file that lists the users on NetBSD 10.

# cat /etc/passwd.conf
#    $NetBSD: passwd.conf,v 1.4 2021/10/26 20:44:45 nia Exp $
#
# passwd.conf(5) -
#    password configuration file
#

default:
    localcipher = argon2id
    ypcipher = old

# cat /etc/passwd
root:*:0:0:Charlie &:/root:/bin/sh
toor:*:0:0:Bourne-again Superuser:/root:/rescue/sh
daemon:*:1:1:The devil himself:/:/sbin/nologin
operator:*:2:5:System &:/usr/guest/operator:/sbin/nologin
bin:*:3:7:Binaries Commands and Source:/:/sbin/nologin
games:*:7:13:& pseudo-user:/usr/games:/sbin/nologin
postfix:*:12:12:& pseudo-user:/var/spool/postfix:/sbin/nologin
named:*:14:14:& pseudo-user:/var/chroot/named:/sbin/nologin
ntpd:*:15:15:& pseudo-user:/var/chroot/ntpd:/sbin/nologin
sshd:*:16:16:& pseudo-user:/var/chroot/sshd:/sbin/nologin
_pflogd:*:18:18:& pseudo-user:/var/chroot/pflogd:/sbin/nologin
_rwhod:*:19:19:& pseudo-user:/var/rwho:/sbin/nologin
_proxy:*:21:21:Proxy Services:/nonexistent:/sbin/nologin
_timedc:*:22:22:& pseudo-user:/nonexistent:/sbin/nologin
_sdpd:*:23:23:& pseudo-user:/nonexistent:/sbin/nologin
_httpd:*:24:24:& pseudo-user:/var/www:/sbin/nologin
_mdnsd:*:25:25:& pseudo-user:/nonexistent:/sbin/nologin
_tests:*:26:26:& pseudo-user:/nonexistent:/sbin/nologin
_tcpdump:*:27:27:& pseudo-user:/var/chroot/tcpdump:/sbin/nologin
_tss:*:28:28:& pseudo-user:/var/tpm:/sbin/nologin
_rtadvd:*:30:30:& pseudo-user:/var/chroot/rtadvd:/sbin/nologin
_unbound:*:32:32:& pseudo-user:/var/chroot/unbound:/sbin/nologin
_nsd:*:33:33:& pseudo-user:/var/chroot/nsd:/sbin/nologin
_dhcpcd:*:35:35:& pseudo-user:/var/chroot/dhcpcd:/sbin/nologin
uucp:*:66:1:UNIX-to-UNIX Copy:/nonexistent:/sbin/nologin
nobody:*:32767:39:Unprivileged user:/nonexistent:/sbin/nologin
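
An added example, not part of the original post: a small Python audit that parses master.passwd-style entries, decodes the Argon2 parameters (v = version, m = memory in KiB, t = passes, p = lanes) and lists accounts whose hash does not match the localcipher set in /etc/passwd.conf. The sample entries, the `classify` and `audit` function names, and the alice/bob accounts are constructed for illustration; the salts and digests are made up.

```python
import re

# Constructed sample in master.passwd(5) layout; salts and digests are fake.
SAMPLE = """\
root:$argon2id$v=19$m=4096,t=29,p=1$c2FsdHNhbHRzYWx0$ZGlnZXN0ZGlnZXN0ZGlnZXN0:0:0::0:0:Charlie &:/root:/bin/sh
toor:*:0:0::0:0:Bourne-again Superuser:/root:/rescue/sh
alice:$sha1$20000$abcdefgh$AAAAAAAAAAAAAAAAAAAAAAAAAAAA:1000:100::0:0:Alice:/home/alice:/bin/sh
bob:$2a$10$abcdefghijklmnopqrstuuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:1001:100::0:0:Bob:/home/bob:/bin/sh
"""

# Argon2 encoded string: $variant$v=..$m=..,t=..,p=..$salt$digest
ARGON2 = re.compile(
    r"^\$(argon2(?:id|i|d))\$v=(\d+)\$m=(\d+),t=(\d+),p=(\d+)\$([^$]+)\$([^$]+)$"
)
# Prefixes of the older crypt(3) schemes.
LEGACY = {"$1$": "md5", "$sha1$": "sha1", "$2a$": "blowfish"}


def classify(field):
    """Return (scheme, params) for one password field."""
    m = ARGON2.match(field)
    if m:
        v, mem, t, p = (int(x) for x in m.group(2, 3, 4, 5))
        return m.group(1), {"v": v, "m": mem, "t": t, "p": p}
    for prefix, name in LEGACY.items():
        if field.startswith(prefix):
            return name, {}
    if field.startswith("*"):
        return "locked", {}  # "*" can never match a hash: no password login
    return ("empty" if field == "" else "unknown"), {}


def audit(text, want="argon2id"):
    """Return ({user: (scheme, params)}, [users not hashed with `want`])."""
    schemes, stale = {}, []
    for line in text.splitlines():
        if line.startswith("#") or line.count(":") < 2:
            continue
        name, field = line.split(":", 2)[:2]
        schemes[name] = classify(field)
        if schemes[name][0] not in (want, "locked"):
            stale.append(name)
    return schemes, stale


if __name__ == "__main__":
    for user, (scheme, params) in audit(SAMPLE)[0].items():
        print(user, scheme, params)
```

Accounts reported as stale keep their old hash until the password is next changed, since changing localcipher only affects newly set passwords.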