Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Lost password on Sun Solaris; can it be decrypted
Operating Systems Solaris Lost password on Sun Solaris; can it be decrypted Post 302269976 by Perderabo on Friday 19th of December 2008 08:42:23 AM
Old 12-19-2008
Quote:
Originally Posted by jdfeathe
If you're using solaris, with a shadow file for passwords with encryption set to one of the encrytion standards that are supported, john the ripper will crack the password in the shadow file. Not sure what robsonde is talking about ... I've used it a million times to check users passwords.

robsonde has it right. If something is encrypted there must be a way to decrypt it. The algorithm used by unix for passwords is a one-way hash that cannot be reversed. JtR works by trying all possible passwords until it finds one that happens to result in the same hashed value. That is not what is meant by decryption. I will say the JtR is very clever at guessing weak passwords though.

We are required to used strong passwords here at work. To verify compliance I have been asked to run JtR. So far:
Code:
guesses: 1  time: 20:17:21:23  c/s: 324328  trying: lmpsps* - lmpsos!

After 20 days, 17 hours, 21 minutes, and 23 seconds, JtR has guessed one password. Note that the author of JtR chose the verb "guess", not "crack", not "decrypt" or anything like that. It may take decades to guess all of the remaining 186 passwords. And I downloaded dozens of carefully chosen dictionaries to help JtR out, which is the only reason that JtR even has one guess so far.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Root Password Lost !!!

I've forgotten root password on one of Solaris machines, i searched in forumes to find a similar case but there's no proceudre here to reinintialize root password, cause most of related commands & even single user mode needs root password that i don't have. Any solution would be helpful. --rgrds,... (9 Replies)
Discussion started by: nikk
9 Replies

2. UNIX for Advanced & Expert Users

I lost my password root

Hello ... I lost my password root ! maybe someone can to help me to log in HP_UX, i started the server in " Singel - User" and i changed my password to new password and it`s not working .. what i must to do ??? (4 Replies)
Discussion started by: yanly
4 Replies

3. UNIX for Advanced & Expert Users

Lost Root Password

I have recently become the sys adm guy for our unix systems here for my shop. I have a pretty good understanding of the system, but there is just some stuff that I don't know. Right now one of those things is to recover the password for a unix system. I know that there is a way that you can use... (2 Replies)
Discussion started by: GlockCW
2 Replies

4. UNIX for Dummies Questions & Answers

Root Password Lost

I'm attempting to blank out the root user password on a machine that we have forgotten the password for. I have been using the advice posted on this site to boot from CDROM in single user mode, then mounting the root slice and editing the /etc/shadow file. Each time I save the shadow file and... (1 Reply)
Discussion started by: gonzotonka
1 Replies

5. UNIX for Advanced & Expert Users

Help with Lost Root Password

This is a common question im sure... I bought a RS/6000 Model 240. Aix 4.3.3 loaded. No root password was supplied to me, but I do have the install media (4 disks). I want to drop into maint mode. So I place the cd into the drive, restart the box ( by pressing the power button, since i do not have... (3 Replies)
Discussion started by: JoeJohnSmith
3 Replies

6. Solaris

password less login from openssh to SSH Secure Shell 3.0.1 Sun solaris 7

Hi, I would like to login from a Sun server running ssh: Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f to ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6 How can I achieve this? Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies

7. Solaris

Firmware password Solaris Sun Fire v440

Hi: I bougth an used Sun Fire v440, and It have a firmware password. When I turn on the server, it ask for firmware password. (I don 't know what is the correct password). I can access to SC, but when I want to access to OBP, Firmware Password appears again. I remove the battery for two hours,... (1 Reply)
Discussion started by: mguazzardo
1 Replies

8. Shell Programming and Scripting

How to pass decrypted password to script

Hi Everybody, I am trying to write a script (ksh) to connect to oracle db via sqlplus. As I do not want the password to be in plain text, I've tried to use java to encrypt and decrypt it but I am not sure how can I pass the decrypted password to the script. Pls advise. Below is what I would... (1 Reply)
Discussion started by: Nick1971
1 Replies

9. What is on Your Mind?

Lost Sun Solaris 10Certification

.............. (1 Reply)
Discussion started by: siddulamadhu
1 Replies

10. Solaris

Failed to recover root password in Solaris 10 on Sparc CPU Sun Ultra10

Failed to recover lost root password for Solaris SunSparc (On Sun Ultra10 - SPARC CPU Hardware, not x86 Intel CPU nor x64 AMD CPU) This Sun Ultra10 workstation comes with an old 6-in wafer probing station purchased from a Surplus equipment vendor. Computer: Sun Ultra 5/10 UPA/PCI... (21 Replies)
Discussion started by: fromtexas0
21 Replies

LEARN ABOUT XFREE86

chpasswd

CHPASSWD(8)                                                 System Management Commands                                                 CHPASSWD(8)

NAME

       chpasswd - update passwords in batch mode

SYNOPSIS

       chpasswd [options]

DESCRIPTION

       The chpasswd command reads a list of user name and password pairs from standard input and uses this information to update a group of
       existing users. Each line is of the format:

       user_name:password

       By default the passwords must be supplied in clear-text, and are encrypted by chpasswd. Also the password age will be updated, if present.

       By default, passwords are encrypted by PAM, but (even if not recommended) you can select a different encryption method with the -e, -m, or
       -c options.

       Except when PAM is used to encrypt the passwords, chpasswd first updates all the passwords in memory, and then commits all the changes to
       disk if no errors occurred for any user.

       When PAM is used to encrypt the passwords (and update the passwords in the system database) then if a password cannot be updated chpasswd
       continues updating the passwords of the next users, and will return an error code on exit.

       This command is intended to be used in a large system environment where many accounts are created at a single time.

OPTIONS

       The options which apply to the chpasswd command are:

       -c, --crypt-method METHOD
           Use the specified method to encrypt the passwords.

           The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods.

           By default, PAM is used to encrypt the passwords.

       -e, --encrypted
           Supplied passwords are in encrypted form.

       -h, --help
           Display help message and exit.

       -m, --md5
           Use MD5 encryption instead of DES when the supplied passwords are not encrypted.

       -R, --root CHROOT_DIR
           Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.

       -s, --sha-rounds ROUNDS
           Use the specified number of rounds to encrypt the passwords.

           The value 0 means that the system will choose the default number of rounds for the crypt method (5000).

           A minimal value of 1000 and a maximal value of 999,999,999 will be enforced.

           You can only use this option with the SHA256 or SHA512 crypt method.

           By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in /etc/login.defs.

CAVEATS

       Remember to set permissions or umask to prevent readability of unencrypted files by other users.

CONFIGURATION

       The following configuration variables in /etc/login.defs change the behavior of this tool:

       SHA_CRYPT_MIN_ROUNDS (number), SHA_CRYPT_MAX_ROUNDS (number)
           When ENCRYPT_METHOD is set to SHA256 or SHA512, this defines the number of SHA rounds used by the encryption algorithm by default (when
           the number of rounds is not specified on the command line).

           With a lot of rounds, it is more difficult to brute forcing the password. But note also that more CPU resources will be needed to
           authenticate users.

           If not specified, the libc will choose the default number of rounds (5000).

           The values must be inside the 1000-999,999,999 range.

           If only one of the SHA_CRYPT_MIN_ROUNDS or SHA_CRYPT_MAX_ROUNDS values is set, then this value will be used.

           If SHA_CRYPT_MIN_ROUNDS > SHA_CRYPT_MAX_ROUNDS, the highest value will be used.

           Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM
           configuration. It is recommended to set this variable consistently with the PAM configuration.

FILES

       /etc/passwd
           User account information.

       /etc/shadow
           Secure user account information.

       /etc/login.defs
           Shadow password suite configuration.

       /etc/pam.d/chpasswd
           PAM configuration for chpasswd.

SEE ALSO

       passwd(1), newusers(8), login.defs(5), useradd(8).

shadow-utils 4.5                                                    01/25/2018                                                         CHPASSWD(8)
All times are GMT -4. The time now is 07:31 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy