09-27-2010
Quote:
Originally Posted by
jlliagre
Then why not just setting the new password to be the same as the old one ?
can't, there is a policy in place to prevent that.
what i heard is that we could copy the encrypted string and paste it again, not sure does it work this way.
9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I have a file in which I need to find every occurance of PASSWORD="somepassword" and replace the actual password with "xxx". Within the file that I am working, I can have combinations of PASSWORD or it can also show as RMT_PASSWORD. The 'edited' file (with passwords x'ed out) will then be emailed... (4 Replies)
Discussion started by: hedrict
4 Replies
2. Solaris
I want to import my passwd/shadow files from Solaris 6 to Solaris 10. I found that the encryption method for passwords has changed. Is there a command or script to convert the Solaris 6 passwords to Solaris 10? I have searched the net and just can't seem to find the answer.
For Example:
The... (6 Replies)
Discussion started by: westsiderick
6 Replies
3. Shell Programming and Scripting
Do you know of any methods where I can send an input of passwords into the passwd command? For instance, I have a file which has the password stored and I want it to be sent into this command "passwd gilberteu" when it prompts for the new password and subsequently confirming the password that was... (0 Replies)
Discussion started by: gilberteu
0 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I am new to HP-UX environment. Could someone help me giving commands to recycle the server and how to go to single user mode.
Thanks
Hemanth (3 Replies)
Discussion started by: Hemanth_gp
3 Replies
5. Shell Programming and Scripting
hi
How can I change the home directory of a user without using usermod -d command?
( by modifying /etc/passwd) (17 Replies)
Discussion started by: tjay83
17 Replies
6. UNIX for Dummies Questions & Answers
Hi all I am using tru64 Unix and I want to use batch file which makes me to change all user passwords at the same time ,instead of changing everyone separately. Please could anyone help me to do that. bye. (2 Replies)
Discussion started by: ahmedbashir
2 Replies
7. Solaris
Hi Folks,
I have Solaris 10, latest release.
We have passwd aging set in /etc/defalut/passwd.
I have an account that passwd should never expire. Acheived by emptying associated users shadow file entries for passwd aging.
When I reset the users passwd using passwd command, it re enables... (3 Replies)
Discussion started by: BG_JrAdmin
3 Replies
8. UNIX for Advanced & Expert Users
I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies
9. AIX
Does anyone know when AIX started using /etc/security/passwd instead of /etc/passwd to store encrypted passwords? (1 Reply)
Discussion started by: Anne Neville
1 Replies
CRYPT(3) Library Functions Manual CRYPT(3)
NAME
crypt - one-way password encryption function
SYNOPSIS
#define _MINIX_SOURCE 1
#include <unistd.h>
char *crypt(const char *key, const char *salt)
DESCRIPTION
The first use of crypt() is to encrypt a password. Its second use is to authenticate a shadow password. In both cases crypt() calls
pwdauth(8) to do the real work.
Crypt() encrypts a password if called with a user typed key, and a salt whose first two characters are in the set [./0-9A-Za-z]. The
result is a character string in the [./0-9A-Za-z] alphabet of which the first two characters are equal to the salt, and the rest is the
result of encrypting the key and the salt.
If crypt() is called with a salt that has the form ##user then the key is encrypted and compared to the encrypted password of user in the
shadow password file. If they are equal then crypt() returns the ##user argument, if not then some other string is returned. This trick
assures that the normal way to authenticate a password still works:
if (strcmp(pw->pw_passwd, crypt(key, pw->pw_passwd))) ...
If key is a null string, and the shadow password is a null string or the salt is a null string then the result equals salt. (This is
because the caller can't tell if a password field is empty in the shadow password file.)
The key and salt are limited to 1024 bytes total including the null bytes.
FILES
/usr/lib/pwdauth The password authentication program
SEE ALSO
getpass(3), getpwent(3), passwd(5), pwdauth(8).
NOTES
The result of an encryption is returned in a static array that is overwritten by each call. The return value should not be modified.
AUTHOR
Kees J. Bot (kjb@cs.vu.nl)
CRYPT(3)