1

I am following the guide to use MySQL to create users in proFTPd. To encrypt passwords, the guide uses the following command:

/bin/echo "{md5}"`/bin/echo -n "password" | openssl dgst -binary -md5 | openssl enc -base64`

I wander how I would do this in PHP? I have googled this but I can't figure out how to implement this command in PHP. Is it just the MD5 hash of the base64 encoded form of the password?

wrichards0
  • 187
  • 4
  • 18
  • There a nice PHP admin implementation for ProFTPD: https://github.com/ChristianBeer/ProFTPd-Admin .I used it, with few changes (Internal security related), in production environment. – Marin N. Jun 17 '16 at 14:22
  • Note MD5 is considered broken for security purposes. You shouldn't ever be using it for passwords nowadays. – Alex Howansky Jun 17 '16 at 15:11

1 Answers1

2

Per ProFTPD's SQL howto FAQ, you might try using:

$password = "{md5}".base64_encode(pack("H*", md5($password)));

It's more than just the MD5 hash of the password; it's the base64-encoded form of the MD5 hash, plus a prefix which indicates which hash algorithm was used (that's the leading {md5} portion of the string).

Hope this helps!

Castaglia
  • 2,972
  • 5
  • 28
  • 49