Sponsored Content
Operating Systems Solaris Lost password on Sun Solaris; can it be decrypted Post 302269976 by Perderabo on Friday 19th of December 2008 08:42:23 AM
Old 12-19-2008
Quote:
Originally Posted by jdfeathe
If you're using solaris, with a shadow file for passwords with encryption set to one of the encrytion standards that are supported, john the ripper will crack the password in the shadow file. Not sure what robsonde is talking about ... I've used it a million times to check users passwords.

robsonde has it right. If something is encrypted there must be a way to decrypt it. The algorithm used by unix for passwords is a one-way hash that cannot be reversed. JtR works by trying all possible passwords until it finds one that happens to result in the same hashed value. That is not what is meant by decryption. I will say the JtR is very clever at guessing weak passwords though.

We are required to used strong passwords here at work. To verify compliance I have been asked to run JtR. So far:
Code:
guesses: 1  time: 20:17:21:23  c/s: 324328  trying: lmpsps* - lmpsos!

After 20 days, 17 hours, 21 minutes, and 23 seconds, JtR has guessed one password. Note that the author of JtR chose the verb "guess", not "crack", not "decrypt" or anything like that. It may take decades to guess all of the remaining 186 passwords. And I downloaded dozens of carefully chosen dictionaries to help JtR out, which is the only reason that JtR even has one guess so far.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Root Password Lost !!!

I've forgotten root password on one of Solaris machines, i searched in forumes to find a similar case but there's no proceudre here to reinintialize root password, cause most of related commands & even single user mode needs root password that i don't have. Any solution would be helpful. --rgrds,... (9 Replies)
Discussion started by: nikk
9 Replies

2. UNIX for Advanced & Expert Users

I lost my password root

Hello ... I lost my password root ! maybe someone can to help me to log in HP_UX, i started the server in " Singel - User" and i changed my password to new password and it`s not working .. what i must to do ??? (4 Replies)
Discussion started by: yanly
4 Replies

3. UNIX for Advanced & Expert Users

Lost Root Password

I have recently become the sys adm guy for our unix systems here for my shop. I have a pretty good understanding of the system, but there is just some stuff that I don't know. Right now one of those things is to recover the password for a unix system. I know that there is a way that you can use... (2 Replies)
Discussion started by: GlockCW
2 Replies

4. UNIX for Dummies Questions & Answers

Root Password Lost

I'm attempting to blank out the root user password on a machine that we have forgotten the password for. I have been using the advice posted on this site to boot from CDROM in single user mode, then mounting the root slice and editing the /etc/shadow file. Each time I save the shadow file and... (1 Reply)
Discussion started by: gonzotonka
1 Replies

5. UNIX for Advanced & Expert Users

Help with Lost Root Password

This is a common question im sure... I bought a RS/6000 Model 240. Aix 4.3.3 loaded. No root password was supplied to me, but I do have the install media (4 disks). I want to drop into maint mode. So I place the cd into the drive, restart the box ( by pressing the power button, since i do not have... (3 Replies)
Discussion started by: JoeJohnSmith
3 Replies

6. Solaris

password less login from openssh to SSH Secure Shell 3.0.1 Sun solaris 7

Hi, I would like to login from a Sun server running ssh: Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f to ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6 How can I achieve this? Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies

7. Solaris

Firmware password Solaris Sun Fire v440

Hi: I bougth an used Sun Fire v440, and It have a firmware password. When I turn on the server, it ask for firmware password. (I don 't know what is the correct password). I can access to SC, but when I want to access to OBP, Firmware Password appears again. I remove the battery for two hours,... (1 Reply)
Discussion started by: mguazzardo
1 Replies

8. Shell Programming and Scripting

How to pass decrypted password to script

Hi Everybody, I am trying to write a script (ksh) to connect to oracle db via sqlplus. As I do not want the password to be in plain text, I've tried to use java to encrypt and decrypt it but I am not sure how can I pass the decrypted password to the script. Pls advise. Below is what I would... (1 Reply)
Discussion started by: Nick1971
1 Replies

9. What is on Your Mind?

Lost Sun Solaris 10Certification

.............. (1 Reply)
Discussion started by: siddulamadhu
1 Replies

10. Solaris

Failed to recover root password in Solaris 10 on Sparc CPU Sun Ultra10

Failed to recover lost root password for Solaris SunSparc (On Sun Ultra10 - SPARC CPU Hardware, not x86 Intel CPU nor x64 AMD CPU) This Sun Ultra10 workstation comes with an old 6-in wafer probing station purchased from a Surplus equipment vendor. Computer: Sun Ultra 5/10 UPA/PCI... (21 Replies)
Discussion started by: fromtexas0
21 Replies
pwd_strengthd(1m)														 pwd_strengthd(1m)

NAME
pwd_strengthd - The sample Password Management Server SYNOPSIS
pwd_strengthd [+/-all[_spaces]] [+/-alp[ha_num]] [-c[ache_size]] size [-d[ebug]] [-m[in_len]] pwd_min_len [-t[imeout]] minutes [-v[erbose]] OPTIONS
Allow passwords to be all spaces. If this option is not set, the effective registry policy is used. Disallow passwords to be all spaces. If this option is not set, the effective registry policy is used. Allow passwords to consist only of alphanumeric characters. If this option is not set, the effective registry policy is used. Disallow passwords to consist only of alphanumeric characters. If this option is not set, the effective registry policy is used. Specify the number of hash buckets in the password cache. The password cache is used to store generated passwords which are retrieved when the password is strength checked. The password cache is a hash table with a linked list for collisions. The size should be set to a reasonable value based on how large the cache will be on average. The default value if not specified is 100. Run in the foreground. Log messages are written to standard output. Specify the minimum length of a password. If this option is not set, the effective registry policy is used. Specify the time, in minutes, that generated passwords remain in the cache before they are deleted from memory. If this option is not specified, the default time is 30 minutes. Runs in verbose mode. More detailed messages are sent to the logfile $DCELOCAL/var/security/pwd_strengthd.log. (Use of this option is recommended.) DESCRIPTION
DESCRIPTION pwd_strengthd is a sample Password Management Server. It exports the rsec_pwd_mgmt application programming interface. pwd_strengthd generates passwords and strength-checks them. It enforces the security registry policy for password strength-checking. Administrators can override the security registry policy via the command-line options (alpha_num, all_spaces, min_len.) Administrators can subject principals to password-strength and -generation policies by attaching the following ERAs: Specifies the password management policy the user must conform to when selecting passwords. Specifies information required in order to connect to the password management server. See the OSF DCE Administrator's Guide -- Core Services for more information and examples. You may want to enhance pwd_strengthd to support your site's policies for password strength and generation. pwd_strengthd(1m)
All times are GMT -4. The time now is 09:58 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy