How is a password hash encoded in the shadow password file?
In the case of MD5 crypt(), the salt is just a random string of up to 8 characters from [a-zA-Z0-9./].
The salt and password are then hashed together, passed through a strengthening function, then encoded using a variant on Base64:
- the MD5 state (128 bits) is shuffled up and broken into 6 groups, each containing 3 bytes (the final group includes 2 bytes of zero-padding)
- each group of 3 bytes is then split into 4 blocks of 6 bits each
- finally, each 6-bit group is mapped to a character in the range [a-zA-Z0-9./]
If you only want to know how the password is encoded, crypt() uses a special Base64-type of encoding.
Base64 encoding uses the following charset: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
While the crypt() encoding uses this charset: ./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
Also, unlike Base64 there is no "=" padding.
On the other hand, the crypt() implementations of MD5, SHA-X, etc do more than just generate a random salt, run the hash function and encode it using the former encoding.
I recommend reading these two great posts: "Password hashing with MD5-crypt in relation to MD5" and "Implementation of SHA512-crypt vs MD5-crypt", for a more complete explanation.
The first part of the hash in between the $'s indicates what algorithm is being used.
Check out http://en.wikipedia.org/wiki/Crypt_%28Unix%29 for a list of the what the different values mean.