Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Using the encrypted password of the shadow file
Top Forums UNIX for Dummies Questions & Answers Using the encrypted password of the shadow file Post 302818013 by alister on Thursday 6th of June 2013 09:10:33 PM
Old 06-06-2013
Quote:
Originally Posted by SkySmart
yeah file permission setting is completely out of the equation since everyone has root here. that's out of my control. but what is under my control is making sure script is inoperable unless the proper password is written.
If everyone has root, then why bother? If everyone has root, any countermeasure can be undermined and neither security nor accountability are a priority.

So, obviously, this system is insecure. That may acceptable; we don't know any of the particulars. If you explain what you are to trying to accomplish, instead of asking how to implement what you think is the solution, we may be able to provide useful advice.

As it stands, what you have asked is nonsensical. How can you use the shadow file to defend against an attacker who has permission to modify the shadow file?

Regards,
Alister

P.S. With regard to authenticating using the shadow file, it can be done using whatever interfaces your system provides to login, nagios, etc (my UNIX doesn't have a shadow file).
Last edited by alister; 06-06-2013 at 10:24 PM..
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

netrc file encrypted password

Hi, I do not want the plaintext password to appear in the netrc file. So I want to encrypt the password. Is there a way to encrypt the password and still make ftp to use the netrc ? Thanks in advance. -Gow:confused: (2 Replies)
Discussion started by: ggowrish
2 Replies

2. Shell Programming and Scripting

I want to append password in /etc/shadow file

Hi, I want to append password into /etc/shadow file using a shell script. My below script does add the users to both /etc/passwd and /etc/shadow but how can I add the hordcoded passwords to /etc/shadow file can some one help me ? # To add the groups into /etc/group file for a_user... (5 Replies)
Discussion started by: modgil
5 Replies

3. UNIX for Dummies Questions & Answers

shadow file after a password reset

hi, I had to reset a lost root password by editing the /etc/passwd and /etc/shadow files ( this is a xen vm file, so i mounted and chrooted the file ) after the reboot with an empty password on root , i have set a new password with passwd but it only changed the /etc/passwd file.... (0 Replies)
Discussion started by: progressdll
0 Replies

4. Linux

Interpreting the encrypted shadow password?

We are currently using a script to copy the same encrypted password between our HP-UX and Solaris servers editing the trusted and shadow files directly. The encrypted password is only 13 characters long on both servers and decrypts the same way. Is there a way to copy this same string to Linux... (5 Replies)
Discussion started by: keelba
5 Replies

5. UNIX for Dummies Questions & Answers

How to : Identify the the password is encrypted or not in /etc/shadow or /etc/passwd?

Thanks AVKlinux (11 Replies)
Discussion started by: avklinux
11 Replies

6. Solaris

Password Recovery From /etc/shadow file

Is it possible to reset a normal user password , by editing password field in /etc/shadow file? Thanks (6 Replies)
Discussion started by: ksvaisakh
6 Replies

7. UNIX for Advanced & Expert Users

/etc/shadow encrypted password

Hi I wonder whether is possible to generate enrypted passwd for some user and paste it into /etc/shadow file ? What kind of encryption is used in /etc/shadow file ? ths for help. (1 Reply)
Discussion started by: presul
1 Replies

8. Red Hat

Shadow file password policy

Today i was going through some of security guides written on linux . Under shadow file security following points were mentioned. 1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters. 2)Usernames in shadow file must satisfy to all the same rules as... (14 Replies)
Discussion started by: pinga123
14 Replies

9. Shell Programming and Scripting

how to remove the non : characters after the password in shadow file?

On SPARC Solaris 10. I set the app account so it's expired. I also want it so not required to change password at first login, I can do this by removing the numbers after the password in /etc/shadow. example using user1 The /etc/shadow file looks like this: user1:kOmcVXAImRTAY:0::::90:: ... (8 Replies)
Discussion started by: TKD
8 Replies

10. Shell Programming and Scripting

Replace encrypted password in /etc/shadow using sed

Hello friends, We have encrypted password strings for all of our users (each user has different password). After creating users in Linux, we replace encrypted passwords manually on /etc/shadow so that their passwords directly work. Instead we want to do it using scripting. I tried with sed... (2 Replies)
Discussion started by: prvnrk
2 Replies

LEARN ABOUT SUNOS

pwconv

pwconv(1M)						  System Administration Commands						pwconv(1M)

NAME

       pwconv - installs and updates /etc/shadow with information from /etc/passwd

SYNOPSIS

       pwconv

DESCRIPTION

       The pwconv command creates and updates /etc/shadow with information from /etc/passwd.

       pwconv relies on a special value of 'x' in the password field of /etc/passwd. This value of 'x' indicates that the password for the user is
       already in /etc/shadow and should not be modified.

       If the /etc/shadow file does not exist, this command will create /etc/shadow with  information  from  /etc/passwd.  The	command  populates
       /etc/shadow  with  the  user's  login  name,  password,	and  password  aging  information. If password aging information does not exist in
       /etc/passwd for a given user, none will be added to  /etc/shadow. However, the last changed information will always be updated.

       If the  /etc/shadow file does exist, the following tasks will be performed:

		Entries that are in the  /etc/passwd file and not in the /etc/shadow file will be added to the /etc/shadow file.

		Entries that are in the  /etc/shadow file and not in the /etc/passwd file will be removed from /etc/shadow.

		Password attributes (for example, password and aging information)  that exist in an /etc/passwd entry will be moved to the  corre-
		sponding entry in  /etc/shadow.

       The pwconv command can only be used by the super-user.

FILES

       /etc/opasswd

       /etc/oshadow

       /etc/passwd

       /etc/shadow

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       passwd(1), passmgmt(1M), usermod(1M), passwd(4), attributes(5)

DIAGNOSTICS

       pwconv exits with one of the following values:

       0	SUCCESS.

       1	Permission denied.

       2	Invalid command syntax.

       3	Unexpected failure.  Conversion not done.

       4	Unexpected failure.  Password file(s) missing.

       5	Password file(s) busy.	Try again later.

       6	Bad entry in /etc/shadow file.

SunOS 5.10							    9 Mar 1993								pwconv(1M)
All times are GMT -4. The time now is 05:28 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy