Skip to content
Snippets Groups Projects
Select Git revision
  • dd_area_choosers_common_refactor
  • dailybuild_linux-x64
  • dailybuild_win32
  • master default protected
  • sqlite
  • rip_abstraction
  • dailybuild_macos-armv8
  • dd_file_lister_filanem_in_desc_color
  • mode7
  • dd_msg_reader_are_you_there_warning_improvement
  • c23-playing
  • syncterm-1.3
  • syncterm-1.2
  • test-build
  • hide_remote_connection_with_telgate
  • 638-can-t-control-c-during-a-file-search
  • add_body_to_pager_email
  • mingw32-build
  • cryptlib-3.4.7
  • ree/mastermind
  • sbbs320d
  • syncterm-1.6
  • syncterm-1.5
  • syncterm-1.4
  • sbbs320b
  • syncterm-1.3
  • syncterm-1.2
  • syncterm-1.2rc6
  • syncterm-1.2rc5
  • push
  • syncterm-1.2rc4
  • syncterm-1.2rc2
  • syncterm-1.2rc1
  • sbbs319b
  • sbbs318b
  • goodbuild_linux-x64_Sep-01-2020
  • goodbuild_win32_Sep-01-2020
  • goodbuild_linux-x64_Aug-31-2020
  • goodbuild_win32_Aug-31-2020
  • goodbuild_win32_Aug-30-2020
40 results

rlogin.js

Blame
    • Rob Swindell's avatar
      0b011cc8
      Add '-h' option to send a salted and hashed password to the server · 0b011cc8
      Rob Swindell authored 
      Like the -p option, except the server won't get a copy of the client BBS
user's password or be able to decode it.

The user's password, user number and account creation date are used to generate
the password hash (along with the salt), so changing any of these will change
the resulting hashed password sent (and presumably logged/stored) on the
server. The resulting SHA-1 hash is sent as 40 hexadecimal digits.

The default salt is the system's QWK-ID, but the sysop can specify their own
salt (e.g. random number or secret passphrase) via the "salt" key in the
[rlogin] section of modopts.ini or root section of ctrl/modopts/rlogin.ini
      0b011cc8
      History
      Add '-h' option to send a salted and hashed password to the server
      Rob Swindell authored 
      Like the -p option, except the server won't get a copy of the client BBS
user's password or be able to decode it.

The user's password, user number and account creation date are used to generate
the password hash (along with the salt), so changing any of these will change
the resulting hashed password sent (and presumably logged/stored) on the
server. The resulting SHA-1 hash is sent as 40 hexadecimal digits.

The default salt is the system's QWK-ID, but the sysop can specify their own
salt (e.g. random number or secret passphrase) via the "salt" key in the
[rlogin] section of modopts.ini or root section of ctrl/modopts/rlogin.ini