If you're using solaris, with a shadow file for passwords with encryption set to one of the encrytion standards that are supported, john the ripper will crack the password in the shadow file. Not sure what robsonde is talking about ... I've used it a million times to check users passwords.
robsonde has it right. If something is encrypted there must be a way to decrypt it. The algorithm used by unix for passwords is a one-way hash that cannot be reversed. JtR works by trying all possible passwords until it finds one that happens to result in the same hashed value. That is not what is meant by decryption. I will say the JtR is very clever at guessing weak passwords though.
We are required to used strong passwords here at work. To verify compliance I have been asked to run JtR. So far:
After 20 days, 17 hours, 21 minutes, and 23 seconds, JtR has guessed one password. Note that the author of JtR chose the verb "guess", not "crack", not "decrypt" or anything like that. It may take decades to guess all of the remaining 186 passwords. And I downloaded dozens of carefully chosen dictionaries to help JtR out, which is the only reason that JtR even has one guess so far.
I've forgotten root password on one of Solaris machines, i searched in forumes to find a similar case but there's no proceudre here to reinintialize root password, cause most of related commands & even single user mode needs root password that i don't have.
Any solution would be helpful.
--rgrds,... (9 Replies)
Hello ...
I lost my password root !
maybe someone can to help me to log in HP_UX,
i started the server in " Singel - User" and i changed my
password to new password and it`s not working ..
what i must to do ??? (4 Replies)
I have recently become the sys adm guy for our unix systems here for my shop. I have a pretty good understanding of the system, but there is just some stuff that I don't know. Right now one of those things is to recover the password for a unix system.
I know that there is a way that you can use... (2 Replies)
I'm attempting to blank out the root user password on a machine that we have forgotten the password for. I have been using the advice posted on this site to boot from CDROM in single user mode, then mounting the root slice and editing the /etc/shadow file. Each time I save the shadow file and... (1 Reply)
This is a common question im sure... I bought a RS/6000 Model 240. Aix 4.3.3 loaded. No root password was supplied to me, but I do have the install media (4 disks). I want to drop into maint mode. So I place the cd into the drive, restart the box ( by pressing the power button, since i do not have... (3 Replies)
Hi,
I would like to login from a Sun server running ssh:
Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f
to
ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6
How can I achieve this?
Thanks a million in advance (1 Reply)
Hi:
I bougth an used Sun Fire v440, and It have a firmware password. When I turn on the server, it ask for firmware password. (I don 't know what is the correct password). I can access to SC, but when I want to access to OBP, Firmware Password appears again. I remove the battery for two hours,... (1 Reply)
Hi Everybody,
I am trying to write a script (ksh) to connect to oracle db via sqlplus.
As I do not want the password to be in plain text, I've tried to use java to encrypt and decrypt it but I am not sure how can I pass the decrypted password to the script. Pls advise.
Below is what I would... (1 Reply)
Failed to recover lost root password for Solaris SunSparc
(On Sun Ultra10 - SPARC CPU Hardware, not x86 Intel CPU nor x64 AMD CPU)
This Sun Ultra10 workstation comes with an old 6-in wafer probing station purchased from a Surplus equipment vendor.
Computer: Sun Ultra 5/10 UPA/PCI... (21 Replies)
Discussion started by: fromtexas0
21 Replies
LEARN ABOUT DEBIAN
rlm_pap
rlm_pap(5) FreeRADIUS Module rlm_pap(5)NAME
rlm_pap - FreeRADIUS Module
DESCRIPTION
The rlm_pap module authenticates RADIUS Access-Request packets that contain a User-Password attribute. The module should also be listed
last in the authorize section, so that it can set the Auth-Type attribute as appropriate.
When a RADIUS packet contains a clear-text password in the form of a User-Password attribute, the rlm_pap module may be used for authenti-
cation. The module requires a "known good" password, which it uses to validate the password given in the RADIUS packet. That "known good"
password must be supplied by another module (e.g. rlm_files, rlm_ldap, etc.), and is usually taken from a database.
CONFIGURATION
The only relevant configuration item is:
auto_header
If set to "yes", the module will look inside of the User-Password attribute for the headers {crypt}, {clear}, etc., and will auto-
matically create the appropriate attribute, with the correct value.
This module understands many kinds of password hashing methods, as given by the following table.
Header Attribute Description
--------------------------
{clear} Cleartext-Password clear-text passwords
{cleartext} Cleartext-Password clear-text passwords
{crypt} Crypt-Password Unix-style "crypt"ed passwords
{md5} MD5-Password MD5 hashed passwords
{smd5} SMD5-Password MD5 hashed passwords, with a salt
{sha} SHA-Password SHA1 hashed passwords
{ssha} SSHA-Password SHA1 hashed passwords, with a salt
{nt} NT-Password Windows NT hashed passwords
{x-nthash} NT-Password Windows NT hashed passwords
{lm} LM-Password Windows Lan Manager (LM) passwords.
The module tries to be flexible when handling the various password formats. It will automatically handle Base-64 encoded data, hex
strings, and binary data, and convert them to a format that the server can use.
It is important to understand the difference between the User-Password and Cleartext-Password attributes. The Cleartext-Password attribute
is the "known good" password for the user. Simply supplying the Cleartext-Password to the server will result in most authentication meth-
ods working. The User-Password attribute is the password as typed in by the user on their private machine. The two are not the same, and
should be treated very differently. That is, you should generally not use the User-Password attribute anywhere in the RADIUS configura-
tion.
For backwards compatibility, there are old configuration parameters which may be work, although we do not recommend using them.
SECTIONS
authorize authenticate
FILES
/etc/raddb/radiusd.conf
SEE ALSO radiusd(8), radiusd.conf(5)AUTHOR
Alan DeKok <aland@freeradius.org>
6 June 2008 rlm_pap(5)