i have an application that uses the encrypted password that's in the /etc/shadow file.
i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.
this application allowed that particular user access as long as she entered the right password.
my question is, how can i authenticate users using the shadow password file? i'd like to do this in my own scripts.
for instance if a user enters "Apple" for a password. when encrypted, that will be scrambled to look differently (as it is in the shadow file). how can i make it so if a user is running a script, i want to make sure its the right user. not someone posing as the user.
i already tried:
but the resulting scrambled letters do not match that of the /etc/shadow.
Hi,
I do not want the plaintext password to appear in the netrc file. So I want to encrypt the password. Is there a way to encrypt the password and still make ftp to use the netrc ?
Thanks in advance.
-Gow:confused: (2 Replies)
Hi,
I want to append password into /etc/shadow file using a shell script.
My below script does add the users to both /etc/passwd and /etc/shadow but how can I add the hordcoded passwords to /etc/shadow file can some one help me ?
# To add the groups into /etc/group file
for a_user... (5 Replies)
hi,
I had to reset a lost root password by editing the /etc/passwd and /etc/shadow files ( this is a xen vm file, so i mounted and chrooted the file )
after the reboot with an empty password on root , i have set a new password with passwd but
it only changed the /etc/passwd file.... (0 Replies)
We are currently using a script to copy the same encrypted password between our HP-UX and Solaris servers editing the trusted and shadow files directly. The encrypted password is only 13 characters long on both servers and decrypts the same way. Is there a way to copy this same string to Linux... (5 Replies)
Hi
I wonder whether is possible to generate enrypted passwd for some user and paste it into /etc/shadow file ?
What kind of encryption is used in /etc/shadow file ?
ths for help. (1 Reply)
Today i was going through some of security guides written on linux .
Under shadow file security following points were mentioned.
1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.
2)Usernames in shadow file must satisfy to all the same rules as... (14 Replies)
On SPARC Solaris 10. I set the app account so it's expired. I also want it
so not required to change password at first login, I can do this by
removing the numbers after the password in /etc/shadow.
example using user1
The /etc/shadow file looks like this:
user1:kOmcVXAImRTAY:0::::90::
... (8 Replies)
Hello friends,
We have encrypted password strings for all of our users (each user has different password).
After creating users in Linux, we replace encrypted passwords manually on /etc/shadow so that their passwords directly work. Instead we want to do it using scripting.
I tried with sed... (2 Replies)
Discussion started by: prvnrk
2 Replies
LEARN ABOUT REDHAT
shadow
SHADOW(5) File Formats Manual SHADOW(5)NAME
shadow - encrypted password file
DESCRIPTION
shadow contains the encrypted password information for user's accounts and optional the password aging information. Included is
Login name
Encrypted password
Days since Jan 1, 1970 that password was last changed
Days before password may be changed
Days after which password must be changed
Days before password is to expire that user is warned
Days after password expires that account is disabled
Days since Jan 1, 1970 that account is disabled
A reserved field
The password field must be filled. The encryped password consists of 13 to 24 characters from the 64 character alphabet a thru z, A thru
Z, 0 thru 9, . and /. Refer to crypt(3) for details on how this string is interpreted.
The date of the last password change is given as the number of days since Jan 1, 1970. The password may not be changed again until the
proper number of days have passed, and must be changed after the maximum number of days. If the minimum number of days required is greater
than the maximum number of day allowed, this password may not be changed by the user.
An account is considered to be inactive and is disabled if the password is not changed within the specified number of days after the pass-
word expires. An account will also be disabled on the specified day regardless of other password expiration information.
This information supercedes any password or password age information present in /etc/passwd.
This file must not be readable by regular users if password security is to be maintained.
FILES
/etc/passwd - user account information
/etc/shadow - encrypted user passwords
SEE ALSO chage(1), login(1), passwd(1), su(1), passwd(5), pwconv(8), pwunconv(8), sulogin(8)AUTHOR
Julianne Frances Haugh (jockgrrl@ix.netcom.com)
SHADOW(5)