Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Steps after username and password is entered !
Top Forums Shell Programming and Scripting Steps after username and password is entered ! Post 302820495 by Corona688 on Wednesday 12th of June 2013 06:49:06 PM
Old 06-12-2013
If you login to a local terminal, you talk to /bin/login, if you login with sshd it goes its own way, but these days everything talks to the same login system -- pam. (pluggable authentication modules) It's not a program, it's a library, and it's very very picky about what it talks to, all controlled by configuration files under /etc/pam.d/

It's very configurable, but you mostly see it used the traditional way, where it checks /etc/passwd for login information and /etc/shadow for passwords.

/etc/passwd is where things like the location of your home folder and your default shell are stored. It can be read by anyone. /etc/shadow, readable only by root, is where hashed passwords are stored -- passwords go through a one-way function like md5 or sha to scramble them. You can't turn it back into a password, you can only compare two hashes to see if they're the same. (And even that takes some effort, because pam 'salts' them with a small random string.)

Still, hashed passwords aren't invulnerable. With enough computing power, you can hash millions of possible passwords until you find a match. This is why the 'passwd' file doesn't contain passwords anymore; as computers became more powerful, the hashed passwords required better protection.

So pam compares the hash of the password you typed with the stored hash to see if they match, and if they do, makes the setuid() system call to change its process ID into a different user, and following that, executes your shell.
These 3 Users Gave Thanks to Corona688 For This Post:
juzz4fun krishmaths Yoda
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

redirecting password as username for rlogin

Is the following even possible ? by echo $3, I mean enter password when prompted for it. My main issue is that it would deal with a prompted password, which is passed from the command line like this: ./processing serverA user password I cannot not use expect here, I heard that was very... (1 Reply)
Discussion started by: seaten
1 Replies

2. Shell Programming and Scripting

username password in script

Can we write a script to telnet to a unix server from unix with the username and password hardcoded in the script?? something like ssh a@b -p password ??? (5 Replies)
Discussion started by: roshanjain2
5 Replies

3. Shell Programming and Scripting

wget with embedded username/password

Hi, I am encoding the username and password to the url and use it with wget. I.e wget ftp://username:password@myserver.com/test.mp3 However this does not work if the password contains @ character. if the password contains @, then the encoded url becomes wget... (1 Reply)
Discussion started by: learn more
1 Replies

4. Red Hat

Trouble logging in with username and password

I have a RHEL 5 server that I can log into with an LDAP account hosted on a server running Sun DSEE 6.3 with an ssh key pair but not with my username and password. When I try to login to the console I am given the "login incorrect" message as if I fat fingered my password. Other users with... (5 Replies)
Discussion started by: ilikecows
5 Replies

5. UNIX for Dummies Questions & Answers

Shell program with username and password

Hi I am new to unix and I am trying to figure out how to write a shell script with a login name and password. I want to do something along the lines of if both are correct it echoes "you are logged in" and if the password is wrong it echoes "wrong password" and same with the login name. I've tried... (7 Replies)
Discussion started by: thedemonhunter
7 Replies

6. UNIX for Dummies Questions & Answers

How can i hide username/password

hi all, i run sqlplus command on unix(HP-UX) like "sqlplus username/password@serverA @deneme.sql" but when someone run "ps -ef | grep sqlplus", it can see my username and password :( How can i hide username and password. thanx. (1 Reply)
Discussion started by: temhem
1 Replies

7. Shell Programming and Scripting

Username password asked during loging

Hi, Whenever I open my unix box,after providing username and password I get the following message. Are you authorised to use this computer as detailed above? (Y)es/(N)o : y Export: Release 10.2.0.2.0 - Production on Mon May 16 16:00:15 2011 Copyright (c) 1982, 2005, Oracle. All rights... (5 Replies)
Discussion started by: emilybose
5 Replies

8. Shell Programming and Scripting

Username and password

Hi I am new to using unix and am struggling with a script i am writing. What i am trying to do is get a user to enter a username, check the original file i created with username and pin to see if their is a corresponding entry. Next ask the user to enter the pin and see if this matches... (5 Replies)
Discussion started by: somersetdan
5 Replies

9. UNIX for Dummies Questions & Answers

How do you reset username/password

Picked up a 3b2 running System V. Works fine, but it requires a username and password. Is the username "root" or "sysadm"? How do I find out and how to I reset it or bypass it? Thanks. (2 Replies)
Discussion started by: TanRuNomad
2 Replies

10. Red Hat

Need to crack username and password on laptop

I am not a computer geek but I recently was given a Dell Latitude c400 laptop which has Red Hat Linux 2.4.20-6 GRUB Version 0.93. First of all I have no clue how to even use this operating system and I was never given the username or password. Is there anyone out there who could possibly help me... (4 Replies)
Discussion started by: missfixit74
4 Replies

LEARN ABOUT CENTOS

d_passwd

d_passwd(4)							   File Formats 						       d_passwd(4)

NAME

       d_passwd - dial-up password file

SYNOPSIS

       /etc/d_passwd

DESCRIPTION

       A  dial-up  password is an additional password required of users who access the computer through a modem or dial-up port. The correct pass-
       word must be entered before the user is granted access to the computer.

       d_passwd is an ASCII file which contains a list of executable programs (typically shells) that require a dial-up password and  the  associ-
       ated encrypted passwords. When a user attempts to log in on any of the ports listed in the dialups file (see dialups(4)), the login program
       looks at the user's login entry stored in the passwd file (see passwd(4)), and compares the login shell field to the entries  in  d_passwd.
       These entries determine whether the user will be required to supply a dial-up password.

       Each entry in d_passwd is a single line of the form:

       login-shell:password:

       where

       login-shell     The name of the login program that will require an additional dial-up password.

       password        An  encrypted  password. Users accessing the computer through a dial-up port or modem using login-shell will be required to
		       enter this password before gaining access to the computer.

       d_passwd should be owned by the root user and the root group. The file should have read and write permissions for the owner (root) only.

       If the user's login program in the passwd file is not found in d_passwd or if the login shell field in passwd is empty, the user must  sup-
       ply  the  default  password.  The default password is the entry for /usr/bin/sh. If d_passwd has no entry for /usr/bin/sh, then those users
       whose login shell field in passwd is empty or does not match any entry in d_passwd will not be prompted for a dial-up password.

       Dial-up logins are disabled if d_passwd has only the following entry:

       /usr/bin/sh:*:

EXAMPLES

       Example 1: Sample d_passwd file.

       Here is a sample d_passwd file:

       /usr/lib/uucp/uucico:q.mJzTnu8icF0:
       /usr/bin/csh:6k/7KCFRPNVXg:
       /usr/bin/ksh:9df/FDf.4jkRt:
       /usr/bin/sh:41FuGVzGcDJlw:

   Generating An Encrypted Password
       The passwd (see passwd(1)) utility can be used to generate the encrypted password for each login program. passwd generates encrypted  pass-
       words  for  users  and places the password in the shadow (see shadow(4)) file. Passwords for the d_passwd file will need to be generated by
       first adding a temporary user id using useradd (see useradd(1M)), and then using passwd(1) to generate the desired password in  the  shadow
       file. Once the encrypted version of the password has been created, it can be copied to the d_passwd file.

       For example:

       1.
	   Type useradd tempuser and press Return. This creates a user named tempuser.

       2.  Type passwd tempuser and press Return. This creates an encrypted password for tempuser and places it in the shadow file.

       3.  Find the entry for tempuser in the shadow file and copy the encrypted password to the desired entry in the d_passwd file.

       4.  Type userdel tempuser and press Return to delete tempuser.

       These steps must be executed as the root user.

FILES

       /etc/d_passwd	       dial-up password file

       /etc/dialups	       list of dial-up ports requiring dial-up passwords

       /etc/passwd	       password file

       /etc/shadow	       shadow password file

SEE ALSO

       passwd(1), useradd(1M), dialups(4), passwd(4), shadow(4)

WARNINGS

       When  creating  a  new  dial-up password, be sure to remain logged in on at least one terminal while testing the new password. This ensures
       that there is an available terminal from which you can correct any mistakes that were made when the new password was added.

SunOS 5.10							    2 Sep 2004							       d_passwd(4)
All times are GMT -4. The time now is 08:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy