Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Using the encrypted password of the shadow file
Top Forums UNIX for Dummies Questions & Answers Using the encrypted password of the shadow file Post 302817973 by SkySmart on Thursday 6th of June 2013 05:34:43 PM
Old 06-06-2013
Using the encrypted password of the shadow file
i have an application that uses the encrypted password that's in the /etc/shadow file.

i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.

this application allowed that particular user access as long as she entered the right password.

my question is, how can i authenticate users using the shadow password file? i'd like to do this in my own scripts.

for instance if a user enters "Apple" for a password. when encrypted, that will be scrambled to look differently (as it is in the shadow file). how can i make it so if a user is running a script, i want to make sure its the right user. not someone posing as the user.

i already tried:

Code:
echo "Apple" | md5sum

but the resulting scrambled letters do not match that of the /etc/shadow.

OS: Linux/SunOS/HPUX

Thank you all
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

netrc file encrypted password

Hi, I do not want the plaintext password to appear in the netrc file. So I want to encrypt the password. Is there a way to encrypt the password and still make ftp to use the netrc ? Thanks in advance. -Gow:confused: (2 Replies)
Discussion started by: ggowrish
2 Replies

2. Shell Programming and Scripting

I want to append password in /etc/shadow file

Hi, I want to append password into /etc/shadow file using a shell script. My below script does add the users to both /etc/passwd and /etc/shadow but how can I add the hordcoded passwords to /etc/shadow file can some one help me ? # To add the groups into /etc/group file for a_user... (5 Replies)
Discussion started by: modgil
5 Replies

3. UNIX for Dummies Questions & Answers

shadow file after a password reset

hi, I had to reset a lost root password by editing the /etc/passwd and /etc/shadow files ( this is a xen vm file, so i mounted and chrooted the file ) after the reboot with an empty password on root , i have set a new password with passwd but it only changed the /etc/passwd file.... (0 Replies)
Discussion started by: progressdll
0 Replies

4. Linux

Interpreting the encrypted shadow password?

We are currently using a script to copy the same encrypted password between our HP-UX and Solaris servers editing the trusted and shadow files directly. The encrypted password is only 13 characters long on both servers and decrypts the same way. Is there a way to copy this same string to Linux... (5 Replies)
Discussion started by: keelba
5 Replies

5. UNIX for Dummies Questions & Answers

How to : Identify the the password is encrypted or not in /etc/shadow or /etc/passwd?

Thanks AVKlinux (11 Replies)
Discussion started by: avklinux
11 Replies

6. Solaris

Password Recovery From /etc/shadow file

Is it possible to reset a normal user password , by editing password field in /etc/shadow file? Thanks (6 Replies)
Discussion started by: ksvaisakh
6 Replies

7. UNIX for Advanced & Expert Users

/etc/shadow encrypted password

Hi I wonder whether is possible to generate enrypted passwd for some user and paste it into /etc/shadow file ? What kind of encryption is used in /etc/shadow file ? ths for help. (1 Reply)
Discussion started by: presul
1 Replies

8. Red Hat

Shadow file password policy

Today i was going through some of security guides written on linux . Under shadow file security following points were mentioned. 1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters. 2)Usernames in shadow file must satisfy to all the same rules as... (14 Replies)
Discussion started by: pinga123
14 Replies

9. Shell Programming and Scripting

how to remove the non : characters after the password in shadow file?

On SPARC Solaris 10. I set the app account so it's expired. I also want it so not required to change password at first login, I can do this by removing the numbers after the password in /etc/shadow. example using user1 The /etc/shadow file looks like this: user1:kOmcVXAImRTAY:0::::90:: ... (8 Replies)
Discussion started by: TKD
8 Replies

10. Shell Programming and Scripting

Replace encrypted password in /etc/shadow using sed

Hello friends, We have encrypted password strings for all of our users (each user has different password). After creating users in Linux, we replace encrypted passwords manually on /etc/shadow so that their passwords directly work. Instead we want to do it using scripting. I tried with sed... (2 Replies)
Discussion started by: prvnrk
2 Replies

LEARN ABOUT MINIX

pwdauth

PWDAUTH()																 PWDAUTH()

NAME

       pwdauth - password authentication program

SYNOPSIS

       /usr/lib/pwdauth

DESCRIPTION

       Pwdauth is a program that is used by the crypt(3) function to do the hard work.	It is a setuid root utility so that it is able to read the
       shadow password file.

       Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt.  That is, the two arguments of
       the  crypt  function.   The input read in a single read call must be 1024 characters or less including the nulls.  Pwdauth takes one of two
       actions depending on the salt.

       If the salt has the form "##user" then the user is used to index the shadow password file to obtain  the  encrypted  password.	The  input
       password  is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow
       password file.  If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal  failure.   The  string
       "##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login.

       If  the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned.  If salt and password
       are null strings then a null string is returned.

       The return value is written to standard output as a null terminated string of 1024 characters or less including the null.

       The exit code is 1 on any error.

SEE ALSO

       crypt(3), passwd(5).

NOTES

       A password must be checked like in this example:

	      pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);

       The second argument of crypt must be the entire encrypted password and not just the two character salt.

AUTHOR

       Kees J. Bot (kjb@cs.vu.nl)

																	 PWDAUTH()
All times are GMT -4. The time now is 05:42 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy