You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by jacksonp <ja...@gmail.com> on 2017/09/18 19:59:01 UTC
password hash in mysql guacamole_user table
trying to manually set a password via mysql guacamole_user table. Not
concerned about security, not salting, just want to enter any kind of
password that will work.
Documentation says if password_salt is null, it just ignores.
I tried hashing with sha256 which is how I read the doc.
mkpasswd -m sha-256
Password:
$5$AlqeE/FaJQ.BC$oB5w9sisUTuFjLCQMknBS6XVFSEWH5cAs/84ajS.dO5
But that won't work in a binary(32) field.
Anyone know how to do this correctly?
Thanks!
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: password hash in mysql guacamole_user table
Posted by Steven Pollock <ja...@gmail.com>.
Ah, ok. Good tip. thanks
Regards,
-Steve
(415) 320-1102 <https://www.google.com/voice/#phones>
On Mon, Sep 18, 2017 at 1:15 PM, Goncalo Rosa <go...@v2s.us> wrote:
> I tried everything and that was the only way I managed to make it work.
>
>
>
> Gonçalo Rosa
>
>
>
> [image: grosa_CO]
>
> *W:* www.v2s.us *Skype:* goncalo_rosa
>
>
>
> *From:* Steven Pollock [mailto:jacksonp2008@gmail.com]
> *Sent:* Monday, September 18, 2017 15:11
> *To:* user@guacamole.incubator.apache.org
> *Subject:* Re: password hash in mysql guacamole_user table
>
>
>
> Thanks, Ive read the docs. I just want to inserted a hashed password, no
> salt. What is the mechanism to hash? It doesn't work per my example.
>
>
>
>
> Regards,
>
>
>
> -Steve
>
>
>
> (415) 320-1102 <https://www.google.com/voice/#phones>
>
>
>
> <º(((>< <º(((>< <º(((><
>
>
>
> On Mon, Sep 18, 2017 at 1:09 PM, richk <rk...@gmail.com> wrote:
>
> jacksonp wrote
>
> > trying to manually set a password via mysql guacamole_user table. Not
> > concerned about security, not salting, just want to enter any kind of
> > password that will work.
> >
> > Documentation says if password_salt is null, it just ignores.
> >
> > I tried hashing with sha256 which is how I read the doc.
> >
> > mkpasswd -m sha-256
> > Password:
> > $5$AlqeE/FaJQ.BC$oB5w9sisUTuFjLCQMknBS6XVFSEWH5cAs/84ajS.dO5
> >
> > But that won't work in a binary(32) field.
> >
> > Anyone know how to do this correctly?
> >
> > Thanks!
> >
> >
> >
> >
> > --
> > Sent from: http://apache-guacamole-incubating-users.2363388.n4.
> nabble.com/
>
> Did you try this from the docs without the salt part?
>
> -- Generate salt
> SET @salt = UNHEX(SHA2(UUID(), 256));
>
> -- Create user and hash password with salt
> INSERT INTO guacamole_user (username, password_salt, password_hash)
> VALUES ('myuser', @salt, UNHEX(SHA2(CONCAT('mypassword', HEX(@salt)),
> 256)));
>
> Ref:
> https://guacamole.incubator.apache.org/doc/gug/jdbc-auth.
> html#jdbc-auth-restrict
>
>
>
>
>
> --
> Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
>
>
>
RE: password hash in mysql guacamole_user table
Posted by Goncalo Rosa <go...@v2s.us>.
I tried everything and that was the only way I managed to make it work.
Gonçalo Rosa
[grosa_CO]
W: www.v2s.us<http://www.v2s.us/> Skype: goncalo_rosa
From: Steven Pollock [mailto:jacksonp2008@gmail.com]
Sent: Monday, September 18, 2017 15:11
To: user@guacamole.incubator.apache.org
Subject: Re: password hash in mysql guacamole_user table
Thanks, Ive read the docs. I just want to inserted a hashed password, no salt. What is the mechanism to hash? It doesn't work per my example.
Regards,
-Steve
(415) 320-1102<https://www.google.com/voice/#phones>
<º(((>< <º(((>< <º(((><
On Mon, Sep 18, 2017 at 1:09 PM, richk <rk...@gmail.com>> wrote:
jacksonp wrote
> trying to manually set a password via mysql guacamole_user table. Not
> concerned about security, not salting, just want to enter any kind of
> password that will work.
>
> Documentation says if password_salt is null, it just ignores.
>
> I tried hashing with sha256 which is how I read the doc.
>
> mkpasswd -m sha-256
> Password:
> $5$AlqeE/FaJQ.BC$oB5w9sisUTuFjLCQMknBS6XVFSEWH5cAs/84ajS.dO5
>
> But that won't work in a binary(32) field.
>
> Anyone know how to do this correctly?
>
> Thanks!
>
>
>
>
> --
> Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Did you try this from the docs without the salt part?
-- Generate salt
SET @salt = UNHEX(SHA2(UUID(), 256));
-- Create user and hash password with salt
INSERT INTO guacamole_user (username, password_salt, password_hash)
VALUES ('myuser', @salt, UNHEX(SHA2(CONCAT('mypassword', HEX(@salt)),
256)));
Ref:
https://guacamole.incubator.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-restrict
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: password hash in mysql guacamole_user table
Posted by Steven Pollock <ja...@gmail.com>.
Thanks, Ive read the docs. I just want to inserted a hashed password, no
salt. What is the mechanism to hash? It doesn't work per my example.
Regards,
-Steve
(415) 320-1102 <https://www.google.com/voice/#phones>
<º(((>< <º(((>< <º(((><
On Mon, Sep 18, 2017 at 1:09 PM, richk <rk...@gmail.com> wrote:
> jacksonp wrote
> > trying to manually set a password via mysql guacamole_user table. Not
> > concerned about security, not salting, just want to enter any kind of
> > password that will work.
> >
> > Documentation says if password_salt is null, it just ignores.
> >
> > I tried hashing with sha256 which is how I read the doc.
> >
> > mkpasswd -m sha-256
> > Password:
> > $5$AlqeE/FaJQ.BC$oB5w9sisUTuFjLCQMknBS6XVFSEWH5cAs/84ajS.dO5
> >
> > But that won't work in a binary(32) field.
> >
> > Anyone know how to do this correctly?
> >
> > Thanks!
> >
> >
> >
> >
> > --
> > Sent from: http://apache-guacamole-incubating-users.2363388.n4.
> nabble.com/
>
> Did you try this from the docs without the salt part?
>
> -- Generate salt
> SET @salt = UNHEX(SHA2(UUID(), 256));
>
> -- Create user and hash password with salt
> INSERT INTO guacamole_user (username, password_salt, password_hash)
> VALUES ('myuser', @salt, UNHEX(SHA2(CONCAT('mypassword', HEX(@salt)),
> 256)));
>
> Ref:
> https://guacamole.incubator.apache.org/doc/gug/jdbc-auth.
> html#jdbc-auth-restrict
>
>
>
>
> --
> Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
>
Re: password hash in mysql guacamole_user table
Posted by richk <rk...@gmail.com>.
jacksonp wrote
> trying to manually set a password via mysql guacamole_user table. Not
> concerned about security, not salting, just want to enter any kind of
> password that will work.
>
> Documentation says if password_salt is null, it just ignores.
>
> I tried hashing with sha256 which is how I read the doc.
>
> mkpasswd -m sha-256
> Password:
> $5$AlqeE/FaJQ.BC$oB5w9sisUTuFjLCQMknBS6XVFSEWH5cAs/84ajS.dO5
>
> But that won't work in a binary(32) field.
>
> Anyone know how to do this correctly?
>
> Thanks!
>
>
>
>
> --
> Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Did you try this from the docs without the salt part?
-- Generate salt
SET @salt = UNHEX(SHA2(UUID(), 256));
-- Create user and hash password with salt
INSERT INTO guacamole_user (username, password_salt, password_hash)
VALUES ('myuser', @salt, UNHEX(SHA2(CONCAT('mypassword', HEX(@salt)),
256)));
Ref:
https://guacamole.incubator.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-restrict
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: password hash in mysql guacamole_user table
Posted by Steven Pollock <ja...@gmail.com>.
Got it, many thanks!
Regards,
-Steve
(415) 320-1102 <https://www.google.com/voice/#phones>
<º(((>< <º(((>< <º(((><
On Mon, Sep 18, 2017 at 1:31 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> On Mon, Sep 18, 2017 at 12:59 PM, jacksonp <ja...@gmail.com> wrote:
>
>> trying to manually set a password via mysql guacamole_user table. Not
>> concerned about security, not salting, just want to enter any kind of
>> password that will work.
>>
>>
> I strongly recommend against using unsalted passwords. Even if you're not
> concerned about security, you should be concerned about security.
>
> Documentation says if password_salt is null, it just ignores.
>>
>> I tried hashing with sha256 which is how I read the doc.
>>
>> mkpasswd -m sha-256
>> Password:
>> $5$AlqeE/FaJQ.BC$oB5w9sisUTuFjLCQMknBS6XVFSEWH5cAs/84ajS.dO5
>>
>>
> mkpasswd will not produce a SHA-256 hash, but rather a salted and hashed
> password formatted as necessary for Linux / UNIX password files like
> /etc/shadow. You are forcing it to use SHA-256, yes, but it is still
> salting the password prior to hashing and formatting the result for use
> within a password file.
>
> If you just want to calculate the SHA-256 hash of an arbitrary string, you
> would do:
>
> echo -n "the-string-to-hash" | sha256sum
>
> That will produce a result like:
>
> d07f9c10b821ac6e82e683831594136438701d7fcfdd7e877b5caca2bdfd31f7 -
>
> That hex value in the result, in this case "d07f9c10b821ac6e82e68383159413
> 6438701d7fcfdd7e877b5caca2bdfd31f7", is the value you're looking for. You
> would then specify that in your INSERT / UPDATE, using UNHEX() to transform
> it into a BINARY(32).
>
> - Mike
>
>
Re: password hash in mysql guacamole_user table
Posted by Mike Jumper <mi...@guac-dev.org>.
On Mon, Sep 18, 2017 at 12:59 PM, jacksonp <ja...@gmail.com> wrote:
> trying to manually set a password via mysql guacamole_user table. Not
> concerned about security, not salting, just want to enter any kind of
> password that will work.
>
>
I strongly recommend against using unsalted passwords. Even if you're not
concerned about security, you should be concerned about security.
Documentation says if password_salt is null, it just ignores.
>
> I tried hashing with sha256 which is how I read the doc.
>
> mkpasswd -m sha-256
> Password:
> $5$AlqeE/FaJQ.BC$oB5w9sisUTuFjLCQMknBS6XVFSEWH5cAs/84ajS.dO5
>
>
mkpasswd will not produce a SHA-256 hash, but rather a salted and hashed
password formatted as necessary for Linux / UNIX password files like
/etc/shadow. You are forcing it to use SHA-256, yes, but it is still
salting the password prior to hashing and formatting the result for use
within a password file.
If you just want to calculate the SHA-256 hash of an arbitrary string, you
would do:
echo -n "the-string-to-hash" | sha256sum
That will produce a result like:
d07f9c10b821ac6e82e683831594136438701d7fcfdd7e877b5caca2bdfd31f7 -
That hex value in the result, in this case
"d07f9c10b821ac6e82e683831594136438701d7fcfdd7e877b5caca2bdfd31f7", is the
value you're looking for. You would then specify that in your INSERT /
UPDATE, using UNHEX() to transform it into a BINARY(32).
- Mike
RE: password hash in mysql guacamole_user table
Posted by Goncalo Rosa <go...@v2s.us>.
Hello Jackson
Use this:
------------------------------------------
-- Generate salt
SET @salt = UNHEX(SHA2(UUID(), 256));
-- Update user and hash password with salt
UPDATE guacamole_user
SET
password_salt = @salt,
password_hash = UNHEX(SHA2(CONCAT('mypassword', HEX(@salt)), 256))
WHERE
username = 'myuser';
-------------------------------------------------------------------------
Gonçalo Rosa
W: www.v2s.us Skype: goncalo_rosa
-----Original Message-----
From: jacksonp [mailto:jacksonp2008@gmail.com]
Sent: Monday, September 18, 2017 14:59
To: user@guacamole.incubator.apache.org
Subject: password hash in mysql guacamole_user table
trying to manually set a password via mysql guacamole_user table. Not concerned about security, not salting, just want to enter any kind of password that will work.
Documentation says if password_salt is null, it just ignores.
I tried hashing with sha256 which is how I read the doc.
mkpasswd -m sha-256
Password:
$5$AlqeE/FaJQ.BC$oB5w9sisUTuFjLCQMknBS6XVFSEWH5cAs/84ajS.dO5
But that won't work in a binary(32) field.
Anyone know how to do this correctly?
Thanks!
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/