crypt, crypt_r - password and data encryption


   #define _XOPEN_SOURCE       /* See feature_test_macros(7) */
   #include <unistd.h>

   char *crypt(const char *key, const char *salt);

   #define _GNU_SOURCE         /* See feature_test_macros(7) */
   #include <crypt.h>

   char *crypt_r(const char *key, const char *salt,
                 struct crypt_data *data);

   Link with -lcrypt.


   crypt()  is  the password encryption function.  It is based on the Data
   Encryption Standard algorithm with  variations  intended  (among  other
   things) to discourage use of hardware implementations of a key search.

   key is a user's typed password.

   salt is a two-character string chosen from the set [a-zA-Z0-9./].  This
   string is used to perturb the algorithm in one of 4096 different ways.

   By taking the lowest 7 bits of each of the first  eight  characters  of
   the  key, a 56-bit key is obtained.  This 56-bit key is used to encrypt
   repeatedly a constant  string  (usually  a  string  consisting  of  all
   zeros).   The returned value points to the encrypted password, a series
   of 13 printable ASCII characters (the first  two  characters  represent
   the salt itself).  The return value points to static data whose content
   is overwritten by each call.

   Warning: the key space consists of 2**56 equal 7.2e16 possible  values.
   Exhaustive  searches  of  this  key  space are possible using massively
   parallel computers.  Software, such as  crack(1),  is  available  which
   will  search  the  portion  of this key space that is generally used by
   humans for passwords.  Hence, password selection  should,  at  minimum,
   avoid  common  words  and  names.   The use of a passwd(1) program that
   checks  for  crackable  passwords  during  the  selection  process   is

   The  DES  algorithm  itself  has a few quirks which make the use of the
   crypt() interface a very poor choice for anything other  than  password
   authentication.  If you are planning on using the crypt() interface for
   a cryptography project, don't do it: get a good book on encryption  and
   one of the widely available DES libraries.

   crypt_r()  is a reentrant version of crypt().  The structure pointed to
   by data is used to  store  result  data  and  bookkeeping  information.
   Other than allocating it, the only thing that the caller should do with
   this structure is to set data->initialized to  zero  before  the  first
   call to crypt_r().


   On success, a pointer to the encrypted password is returned.  On error,
   NULL is returned.


   EINVAL salt has the wrong format.

   ENOSYS The crypt() function was not implemented,  probably  because  of
          U.S.A. export restrictions.

   EPERM  /proc/sys/crypto/fips_enabled   has  a  nonzero  value,  and  an
          attempt was made to use a weak encryption type, such as DES.


   For  an  explanation  of  the  terms  used   in   this   section,   see

   Interface  Attribute      Value                
   crypt()    Thread safety  MT-Unsafe race:crypt 
   crypt_r()  Thread safety  MT-Safe              


   crypt():  POSIX.1-2001, POSIX.1-2008, SVr4, 4.3BSD.  crypt_r() is a GNU


   Glibc notes
   The glibc2 version of  this  function  supports  additional  encryption

   If  salt  is  a  character  string  starting with the characters "$id$"
   followed by a string terminated by "$":


   then instead of using the DES machine,  id  identifies  the  encryption
   method  used  and  this  then  determines  how the rest of the password
   string is interpreted.  The following values of id are supported:

          ID  | Method
          1   | MD5
          2a  | Blowfish (not in mainline glibc; added in some
              | Linux distributions)
          5   | SHA-256 (since glibc 2.7)
          6   | SHA-512 (since glibc 2.7)

   So   $5$salt$encrypted   is   an   SHA-256   encoded    password    and
   $6$salt$encrypted is an SHA-512 encoded one.

   "salt" stands for the up to 16 characters following "$id$" in the salt.
   The encrypted part of  the  password  string  is  the  actual  computed
   password.  The size of this string is fixed:

   MD5     | 22 characters
   SHA-256 | 43 characters
   SHA-512 | 86 characters

   The  characters  in  "salt"  and  "encrypted"  are  drawn  from the set
   [a-zA-Z0-9./].  In the MD5 and SHA implementations the  entire  key  is
   significant (instead of only the first 8 bytes in DES).


   login(1), passwd(1), encrypt(3), getpass(3), passwd(5)


   This  page  is  part of release 4.09 of the Linux man-pages project.  A
   description of the project, information about reporting bugs,  and  the
   latest     version     of     this    page,    can    be    found    at

                              2015-08-08                          CRYPT(3)


Personal Opportunity - Free software gives you access to billions of dollars of software at no cost. Use this software for your business, personal use or to develop a profitable skill. Access to source code provides access to a level of capabilities/information that companies protect though copyrights. Open source is a core component of the Internet and it is available to you. Leverage the billions of dollars in resources and capabilities to build a career, establish a business or change the world. The potential is endless for those who understand the opportunity.

Business Opportunity - Goldman Sachs, IBM and countless large corporations are leveraging open source to reduce costs, develop products and increase their bottom lines. Learn what these companies know about open source and how open source can give you the advantage.

Free Software

Free Software provides computer programs and capabilities at no cost but more importantly, it provides the freedom to run, edit, contribute to, and share the software. The importance of free software is a matter of access, not price. Software at no cost is a benefit but ownership rights to the software and source code is far more significant.

Free Office Software - The Libre Office suite provides top desktop productivity tools for free. This includes, a word processor, spreadsheet, presentation engine, drawing and flowcharting, database and math applications. Libre Office is available for Linux or Windows.

Free Books

The Free Books Library is a collection of thousands of the most popular public domain books in an online readable format. The collection includes great classical literature and more recent works where the U.S. copyright has expired. These books are yours to read and use without restrictions.

Source Code - Want to change a program or know how it works? Open Source provides the source code for its programs so that anyone can use, modify or learn how to write those programs themselves. Visit the GNU source code repositories to download the source.


Study at Harvard, Stanford or MIT - Open edX provides free online courses from Harvard, MIT, Columbia, UC Berkeley and other top Universities. Hundreds of courses for almost all major subjects and course levels. Open edx also offers some paid courses and selected certifications.

Linux Manual Pages - A man or manual page is a form of software documentation found on Linux/Unix operating systems. Topics covered include computer programs (including library and system calls), formal standards and conventions, and even abstract concepts.