Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Steps after username and password is entered !
Top Forums Shell Programming and Scripting Steps after username and password is entered ! Post 302820495 by Corona688 on Wednesday 12th of June 2013 06:49:06 PM
Old 06-12-2013
If you login to a local terminal, you talk to /bin/login, if you login with sshd it goes its own way, but these days everything talks to the same login system -- pam. (pluggable authentication modules) It's not a program, it's a library, and it's very very picky about what it talks to, all controlled by configuration files under /etc/pam.d/

It's very configurable, but you mostly see it used the traditional way, where it checks /etc/passwd for login information and /etc/shadow for passwords.

/etc/passwd is where things like the location of your home folder and your default shell are stored. It can be read by anyone. /etc/shadow, readable only by root, is where hashed passwords are stored -- passwords go through a one-way function like md5 or sha to scramble them. You can't turn it back into a password, you can only compare two hashes to see if they're the same. (And even that takes some effort, because pam 'salts' them with a small random string.)

Still, hashed passwords aren't invulnerable. With enough computing power, you can hash millions of possible passwords until you find a match. This is why the 'passwd' file doesn't contain passwords anymore; as computers became more powerful, the hashed passwords required better protection.

So pam compares the hash of the password you typed with the stored hash to see if they match, and if they do, makes the setuid() system call to change its process ID into a different user, and following that, executes your shell.
These 3 Users Gave Thanks to Corona688 For This Post:
juzz4fun krishmaths Yoda
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

redirecting password as username for rlogin

Is the following even possible ? by echo $3, I mean enter password when prompted for it. My main issue is that it would deal with a prompted password, which is passed from the command line like this: ./processing serverA user password I cannot not use expect here, I heard that was very... (1 Reply)
Discussion started by: seaten
1 Replies

2. Shell Programming and Scripting

username password in script

Can we write a script to telnet to a unix server from unix with the username and password hardcoded in the script?? something like ssh a@b -p password ??? (5 Replies)
Discussion started by: roshanjain2
5 Replies

3. Shell Programming and Scripting

wget with embedded username/password

Hi, I am encoding the username and password to the url and use it with wget. I.e wget ftp://username:password@myserver.com/test.mp3 However this does not work if the password contains @ character. if the password contains @, then the encoded url becomes wget... (1 Reply)
Discussion started by: learn more
1 Replies

4. Red Hat

Trouble logging in with username and password

I have a RHEL 5 server that I can log into with an LDAP account hosted on a server running Sun DSEE 6.3 with an ssh key pair but not with my username and password. When I try to login to the console I am given the "login incorrect" message as if I fat fingered my password. Other users with... (5 Replies)
Discussion started by: ilikecows
5 Replies

5. UNIX for Dummies Questions & Answers

Shell program with username and password

Hi I am new to unix and I am trying to figure out how to write a shell script with a login name and password. I want to do something along the lines of if both are correct it echoes "you are logged in" and if the password is wrong it echoes "wrong password" and same with the login name. I've tried... (7 Replies)
Discussion started by: thedemonhunter
7 Replies

6. UNIX for Dummies Questions & Answers

How can i hide username/password

hi all, i run sqlplus command on unix(HP-UX) like "sqlplus username/password@serverA @deneme.sql" but when someone run "ps -ef | grep sqlplus", it can see my username and password :( How can i hide username and password. thanx. (1 Reply)
Discussion started by: temhem
1 Replies

7. Shell Programming and Scripting

Username password asked during loging

Hi, Whenever I open my unix box,after providing username and password I get the following message. Are you authorised to use this computer as detailed above? (Y)es/(N)o : y Export: Release 10.2.0.2.0 - Production on Mon May 16 16:00:15 2011 Copyright (c) 1982, 2005, Oracle. All rights... (5 Replies)
Discussion started by: emilybose
5 Replies

8. Shell Programming and Scripting

Username and password

Hi I am new to using unix and am struggling with a script i am writing. What i am trying to do is get a user to enter a username, check the original file i created with username and pin to see if their is a corresponding entry. Next ask the user to enter the pin and see if this matches... (5 Replies)
Discussion started by: somersetdan
5 Replies

9. UNIX for Dummies Questions & Answers

How do you reset username/password

Picked up a 3b2 running System V. Works fine, but it requires a username and password. Is the username "root" or "sysadm"? How do I find out and how to I reset it or bypass it? Thanks. (2 Replies)
Discussion started by: TanRuNomad
2 Replies

10. Red Hat

Need to crack username and password on laptop

I am not a computer geek but I recently was given a Dell Latitude c400 laptop which has Red Hat Linux 2.4.20-6 GRUB Version 0.93. First of all I have no clue how to even use this operating system and I was never given the username or password. Is there anyone out there who could possibly help me... (4 Replies)
Discussion started by: missfixit74
4 Replies

LEARN ABOUT REDHAT

passwd

PASSWD(5)							   File formats 							 PASSWD(5)

NAME

       passwd - password file

DESCRIPTION

       Passwd  is  a text file, that contains a list of the system's accounts, giving for each account some useful information like user ID, group
       ID, home directory, shell, etc.	Often, it also contains the encrypted passwords for each account.  It should have general read	permission
       (many utilities, like ls(1) use it to map user IDs to user names), but write access only for the superuser.

       In  the	good old days there was no great problem with this general read permission.  Everybody could read the encrypted passwords, but the
       hardware was too slow to crack a well-chosen password, and moreover, the basic assumption used to be that  of  a  friendly  user-community.
       These  days  many  people  run some version of the shadow password suite, where /etc/passwd has *'s instead of encrypted passwords, and the
       encrypted passwords are in /etc/shadow which is readable by the superuser only.

       Regardless of whether shadow passwords are used, many sysadmins use a star in the encrypted password field to make sure that this user  can
       not authenticate him- or herself using a password. (But see the Notes below.)

       If you create a new login, first put a star in the password field, then use passwd(1) to set it.

       There is one entry per line, and each line has the format:

	      account:password:UID:GID:GECOS:directory:shell

       The field descriptions are:

	      account	the name of the user on the system.  It should not contain capital letters.

	      password	the encrypted user password or a star.

	      UID	the numerical user ID.

	      GID	the numerical primary group ID for this user.

	      GECOS	This  field  is  optional and only used for informational purposes.  Usually, it contains the full user name.  GECOS means
			General Electric Comprehensive Operating System, which has been renamed to GCOS when GE's large systems division was  sold
			to Honeywell.  Dennis Ritchie has reported: "Sometimes we sent printer output or batch jobs to the GCOS machine.  The gcos
			field in the password file was a place to stash the information for the $IDENTcard.  Not elegant."

	      directory the user's $HOME directory.

	      shell	the program to run at login (if empty, use /bin/sh).  If set to a non-existing executable, the	user  will  be	unable	to
			login through login(1).

NOTE

       If you want to create user groups, their GIDs must be equal and there must be an entry in /etc/group, or no group will exist.

       If  the	encrypted  password  is  set  to a star, the user will be unable to login using login(1), but may still login using rlogin(1), run
       existing processes and initiate new ones through rsh(1), cron(1), at(1), or mail filters, etc.  Trying to lock an account by simply  chang-
       ing the shell field yields the same result and additionally allows the use of su(1).

FILES

       /etc/passwd

SEE ALSO

       passwd(1), login(1), su(1), group(5), shadow(5)

								    1998-01-05								 PASSWD(5)
All times are GMT -4. The time now is 09:11 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy