Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Lost password on Sun Solaris; can it be decrypted
Operating Systems Solaris Lost password on Sun Solaris; can it be decrypted Post 302269976 by Perderabo on Friday 19th of December 2008 08:42:23 AM
Old 12-19-2008
Quote:
Originally Posted by jdfeathe
If you're using solaris, with a shadow file for passwords with encryption set to one of the encrytion standards that are supported, john the ripper will crack the password in the shadow file. Not sure what robsonde is talking about ... I've used it a million times to check users passwords.

robsonde has it right. If something is encrypted there must be a way to decrypt it. The algorithm used by unix for passwords is a one-way hash that cannot be reversed. JtR works by trying all possible passwords until it finds one that happens to result in the same hashed value. That is not what is meant by decryption. I will say the JtR is very clever at guessing weak passwords though.

We are required to used strong passwords here at work. To verify compliance I have been asked to run JtR. So far:
Code:
guesses: 1  time: 20:17:21:23  c/s: 324328  trying: lmpsps* - lmpsos!

After 20 days, 17 hours, 21 minutes, and 23 seconds, JtR has guessed one password. Note that the author of JtR chose the verb "guess", not "crack", not "decrypt" or anything like that. It may take decades to guess all of the remaining 186 passwords. And I downloaded dozens of carefully chosen dictionaries to help JtR out, which is the only reason that JtR even has one guess so far.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Root Password Lost !!!

I've forgotten root password on one of Solaris machines, i searched in forumes to find a similar case but there's no proceudre here to reinintialize root password, cause most of related commands & even single user mode needs root password that i don't have. Any solution would be helpful. --rgrds,... (9 Replies)
Discussion started by: nikk
9 Replies

2. UNIX for Advanced & Expert Users

I lost my password root

Hello ... I lost my password root ! maybe someone can to help me to log in HP_UX, i started the server in " Singel - User" and i changed my password to new password and it`s not working .. what i must to do ??? (4 Replies)
Discussion started by: yanly
4 Replies

3. UNIX for Advanced & Expert Users

Lost Root Password

I have recently become the sys adm guy for our unix systems here for my shop. I have a pretty good understanding of the system, but there is just some stuff that I don't know. Right now one of those things is to recover the password for a unix system. I know that there is a way that you can use... (2 Replies)
Discussion started by: GlockCW
2 Replies

4. UNIX for Dummies Questions & Answers

Root Password Lost

I'm attempting to blank out the root user password on a machine that we have forgotten the password for. I have been using the advice posted on this site to boot from CDROM in single user mode, then mounting the root slice and editing the /etc/shadow file. Each time I save the shadow file and... (1 Reply)
Discussion started by: gonzotonka
1 Replies

5. UNIX for Advanced & Expert Users

Help with Lost Root Password

This is a common question im sure... I bought a RS/6000 Model 240. Aix 4.3.3 loaded. No root password was supplied to me, but I do have the install media (4 disks). I want to drop into maint mode. So I place the cd into the drive, restart the box ( by pressing the power button, since i do not have... (3 Replies)
Discussion started by: JoeJohnSmith
3 Replies

6. Solaris

password less login from openssh to SSH Secure Shell 3.0.1 Sun solaris 7

Hi, I would like to login from a Sun server running ssh: Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f to ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6 How can I achieve this? Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies

7. Solaris

Firmware password Solaris Sun Fire v440

Hi: I bougth an used Sun Fire v440, and It have a firmware password. When I turn on the server, it ask for firmware password. (I don 't know what is the correct password). I can access to SC, but when I want to access to OBP, Firmware Password appears again. I remove the battery for two hours,... (1 Reply)
Discussion started by: mguazzardo
1 Replies

8. Shell Programming and Scripting

How to pass decrypted password to script

Hi Everybody, I am trying to write a script (ksh) to connect to oracle db via sqlplus. As I do not want the password to be in plain text, I've tried to use java to encrypt and decrypt it but I am not sure how can I pass the decrypted password to the script. Pls advise. Below is what I would... (1 Reply)
Discussion started by: Nick1971
1 Replies

9. What is on Your Mind?

Lost Sun Solaris 10Certification

.............. (1 Reply)
Discussion started by: siddulamadhu
1 Replies

10. Solaris

Failed to recover root password in Solaris 10 on Sparc CPU Sun Ultra10

Failed to recover lost root password for Solaris SunSparc (On Sun Ultra10 - SPARC CPU Hardware, not x86 Intel CPU nor x64 AMD CPU) This Sun Ultra10 workstation comes with an old 6-in wafer probing station purchased from a Surplus equipment vendor. Computer: Sun Ultra 5/10 UPA/PCI... (21 Replies)
Discussion started by: fromtexas0
21 Replies

LEARN ABOUT DEBIAN

rlm_pap

rlm_pap(5)							 FreeRADIUS Module							rlm_pap(5)

NAME

       rlm_pap - FreeRADIUS Module

DESCRIPTION

       The  rlm_pap  module  authenticates RADIUS Access-Request packets that contain a User-Password attribute.  The module should also be listed
       last in the authorize section, so that it can set the Auth-Type attribute as appropriate.

       When a RADIUS packet contains a clear-text password in the form of a User-Password attribute, the rlm_pap module may be used for  authenti-
       cation.	The module requires a "known good" password, which it uses to validate the password given in the RADIUS packet.  That "known good"
       password must be supplied by another module (e.g. rlm_files, rlm_ldap, etc.), and is usually taken from a database.

CONFIGURATION

       The only relevant configuration item is:

       auto_header
	      If set to "yes", the module will look inside of the User-Password attribute for the headers {crypt}, {clear}, etc., and  will  auto-
	      matically create the appropriate attribute, with the correct value.

       This module understands many kinds of password hashing methods, as given by the following table.

       Header	    Attribute	       Description
       ------	    ---------	       -----------
       {clear}	    Cleartext-Password clear-text passwords
       {cleartext}  Cleartext-Password clear-text passwords
       {crypt}	    Crypt-Password     Unix-style "crypt"ed passwords
       {md5}	    MD5-Password       MD5 hashed passwords
       {smd5}	    SMD5-Password      MD5 hashed passwords, with a salt
       {sha}	    SHA-Password       SHA1 hashed passwords
       {ssha}	    SSHA-Password      SHA1 hashed passwords, with a salt
       {nt}	    NT-Password        Windows NT hashed passwords
       {x-nthash}   NT-Password        Windows NT hashed passwords
       {lm}	    LM-Password        Windows Lan Manager (LM) passwords.

       The  module  tries  to  be  flexible  when  handling  the various password formats.  It will automatically handle Base-64 encoded data, hex
       strings, and binary data, and convert them to a format that the server can use.

       It is important to understand the difference between the User-Password and Cleartext-Password attributes.  The Cleartext-Password attribute
       is  the "known good" password for the user.  Simply supplying the Cleartext-Password to the server will result in most authentication meth-
       ods working.  The User-Password attribute is the password as typed in by the user on their private machine.  The two are not the same,  and
       should  be  treated  very differently.  That is, you should generally not use the User-Password attribute anywhere in the RADIUS configura-
       tion.

       For backwards compatibility, there are old configuration parameters which may be work, although we do not recommend using them.

SECTIONS

       authorize authenticate

FILES

       /etc/raddb/radiusd.conf

SEE ALSO

       radiusd(8), radiusd.conf(5)

AUTHOR

       Alan DeKok <aland@freeradius.org>

								    6 June 2008 							rlm_pap(5)
All times are GMT -4. The time now is 12:26 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy