Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Interpreting the encrypted shadow password?
Operating Systems Linux Interpreting the encrypted shadow password? Post 302174940 by ramen_noodle on Wednesday 12th of March 2008 04:33:31 PM
Old 03-12-2008
The simple answer is to identify the most secure and compatible hashing algorithm supported by all three platforms, settle on this and alter the systems configurations to honor this algorithm and use it for future password generation. Then a method to generate the passwords for each user using the same salt on all three platforms could be devised along with a way to generate the users passwd/shadow entries and then a method to add these to password/shadow files on target systems.

All of this would be simplified to a great degree if central authentication was in use, ala LDAP or NIS, unless I'm misunderstanding. Otherwise it's a poor man's directory service
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

netrc file encrypted password

Hi, I do not want the plaintext password to appear in the netrc file. So I want to encrypt the password. Is there a way to encrypt the password and still make ftp to use the netrc ? Thanks in advance. -Gow:confused: (2 Replies)
Discussion started by: ggowrish
2 Replies

2. UNIX for Dummies Questions & Answers

Change password by pushing encrypted password to systems

I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong. The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
Discussion started by: benq70
1 Replies

3. UNIX for Dummies Questions & Answers

How to : Identify the the password is encrypted or not in /etc/shadow or /etc/passwd?

Thanks AVKlinux (11 Replies)
Discussion started by: avklinux
11 Replies

4. UNIX and Linux Applications

Accessing Oracle via encrypted password

Actually in my application there is an XML file. The password and the user name for the database that I need to access the development box is stored there. But using some UNIX command I am able to access the raw content of the file and not the decrypted code for that password. When I am applying... (3 Replies)
Discussion started by: nandumishra
3 Replies

5. Shell Programming and Scripting

To decrypt encrypted password

Hi folks, What will be the easy way to decrypt encrypted passwords on MySQL table. Googling brought me many suggestions on crypt/decrypt running scripts. Please advise. TIA Remark: I think the encrypt function of MySQL uses the Unix crypt command to encrypt B.R. satimis (1 Reply)
Discussion started by: satimis
1 Replies

6. UNIX for Advanced & Expert Users

/etc/shadow encrypted password

Hi I wonder whether is possible to generate enrypted passwd for some user and paste it into /etc/shadow file ? What kind of encryption is used in /etc/shadow file ? ths for help. (1 Reply)
Discussion started by: presul
1 Replies

7. Shell Programming and Scripting

Replace encrypted password in /etc/shadow using sed

Hello friends, We have encrypted password strings for all of our users (each user has different password). After creating users in Linux, we replace encrypted passwords manually on /etc/shadow so that their passwords directly work. Instead we want to do it using scripting. I tried with sed... (2 Replies)
Discussion started by: prvnrk
2 Replies

8. UNIX for Dummies Questions & Answers

Using the encrypted password of the shadow file

i have an application that uses the encrypted password that's in the /etc/shadow file. i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios. this application allowed that... (5 Replies)
Discussion started by: SkySmart
5 Replies

9. Shell Programming and Scripting

Encrypted password in script

How to keep encrypted password in a shell script.? I have the file which has the following: a.sh ----- username=abc password=abc I will be using this username and password in another script. But I don't want to reveal the password in the script. How to keep the password... (3 Replies)
Discussion started by: sanvel
3 Replies

10. Cybersecurity

Is TLS encrypted password safe?

Hello, on my android device my app autosaves my password and it encrypts by TLS im not politically exposed person, just regular entrepreneur. Should i worry if i loose my phone with TLS encrypted password? Or regular mortals or casual hackers are not able to crack it? (4 Replies)
Discussion started by: postcd
4 Replies

LEARN ABOUT DEBIAN

pwck

PWCK(8) 						    System Management Commands							   PWCK(8)

NAME

       pwck - verify integrity of password files

SYNOPSIS

       pwck [options] [passwd [ shadow ]]

DESCRIPTION

       The pwck command verifies the integrity of the users and authentication information. It checks that all entries in /etc/passwd and
       /etc/shadow have the proper format and contain valid data. The user is prompted to delete entries that are improperly formatted or which
       have other uncorrectable errors.

       Checks are made to verify that each entry has:

       o   the correct number of fields

       o   a unique and valid user name

       o   a valid user and group identifier

       o   a valid primary group

       o   a valid home directory

       o   a valid login shell

       shadow checks are enabled when a second file parameter is specified or when /etc/shadow exists on the system.

       These checks are the following:

       o   every passwd entry has a matching shadow entry, and every shadow entry has a matching passwd entry

       o   passwords are specified in the shadowed file

       o   shadow entries have the correct number of fields

       o   shadow entries are unique in shadow

       o   the last password changes are not in the future

       The checks for correct number of fields and unique user name are fatal. If the entry has the wrong number of fields, the user will be
       prompted to delete the entire line. If the user does not answer affirmatively, all further checks are bypassed. An entry with a duplicated
       user name is prompted for deletion, but the remaining checks will still be made. All other errors are warning and the user is encouraged to
       run the usermod command to correct the error.

       The commands which operate on the /etc/passwd file are not able to alter corrupted or duplicated entries.  pwck should be used in those
       circumstances to remove the offending entry.

OPTIONS

       The -r and -s options cannot be combined.

       The options which apply to the pwck command are:

       -h, --help
	   Display help message and exit.

       -q, --quiet
	   Report errors only. The warnings which do not require any action from the user won't be displayed.

       -r, --read-only
	   Execute the pwck command in read-only mode.

       -R, --root CHROOT_DIR
	   Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.

       -s, --sort
	   Sort entries in /etc/passwd and /etc/shadow by UID.

       By default, pwck operates on the files /etc/passwd and /etc/shadow. The user may select alternate files with the passwd and shadow
       parameters.

CONFIGURATION

       The following configuration variables in /etc/login.defs change the behavior of this tool:

       PASS_MAX_DAYS (number)
	   The maximum number of days a password may be used. If the password is older than this, a password change will be forced. If not
	   specified, -1 will be assumed (which disables the restriction).

       PASS_MIN_DAYS (number)
	   The minimum number of days allowed between password changes. Any password changes attempted sooner than this will be rejected. If not
	   specified, -1 will be assumed (which disables the restriction).

       PASS_WARN_AGE (number)
	   The number of days warning given before a password expires. A zero means warning is given only upon the day of expiration, a negative
	   value means no warning is given. If not specified, no warning will be provided.

FILES

       /etc/group
	   Group account information.

       /etc/passwd
	   User account information.

       /etc/shadow
	   Secure user account information.

EXIT VALUES

       The pwck command exits with the following values:

       0
	   success

       1
	   invalid command syntax

       2
	   one or more bad password entries

       3
	   can't open password files

       4
	   can't lock password files

       5
	   can't update password files

       6
	   can't sort password files

SEE ALSO

       group(5), grpck(8), passwd(5), shadow(5), usermod(8).

shadow-utils 4.1.5.1						    05/25/2012								   PWCK(8)
All times are GMT -4. The time now is 11:33 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy