MD5 hash different but still the same?

FrankGuthrieFrankGuthrie Member Posts: 245
Ok let me explain why I'm asking this question.

at work we have to devices who authenticate to the same NTP server, but their hashes are different. Shouldn't the hashes match?

I was under the impression that when you use the same password and MD5 would be the same. So then 2 devices authenticate to each other, the MD5 has is sent over the line, and the other side will hash its own password and see if they match?

How can you have 2 different hashes for the same password value?

Comments

  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    The salt added to it was different?
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    The salt added to it was different?

    This guy may be onto something. Could be a salt value added perhaps?
    I am a Jack of all trades, Master of None
  • SirzertySirzerty Registered Users Posts: 1 ■□□□□□□□□□
    IOS 12? if so it may not actually be md5, our old IOS 12 switches would take cisco 7 passwords when you specified md5. If you hash it in something like wolfram alpha does it come back with the same hash for either?
  • FrankGuthrieFrankGuthrie Member Posts: 245
    But then how does the MD5 function work if it is salted? According to what I learned passwords are not send over the wire, but the hash... The other side hashes the password configured on itself and it should match (if the passwords are the same). Exactly as the picture from the wiki shows.....





    See WIKI:
    https://en.wikipedia.org/wiki/MD5

    So Where am I wrong?
  • OctalDumpOctalDump Member Posts: 1,722
    You concatenate (add) the password and salt, and then hash the result. You can send the salt in clear text, along with the hashed value. The otherside then takes the salt, runs it against the password, and hashes again. The hashes should match if the password+salt are the same. The salt can be changed for every exchange, and can be different on both sides.

    This allows some protection against rainbow table attacks.
    2017 Goals - Something Cisco, Something Linux, Agile PM
Sign In or Register to comment.