09-18-2015
Quote:
Originally Posted by
kumarjt
Thanks for the quick response.
But the configuration file(which has all EXPORT commands) not only has DB passwords, but also passwords which are required to perform file SCP's
How does that even work? scp doesn't take plantext passwords, you'd have to install an insecure brute-forcing tool to do that.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Does anyone know of any tool(s) to obfuscate shell scripts for intellectual property protection purposes?
My searches turned up one such tool for Perl but not for shell scripts. Thanks. (2 Replies)
Discussion started by: tabourje
2 Replies
2. UNIX for Dummies Questions & Answers
Hello users,
I have a question ?
I was just wondering whether the hostname on unix systems are case sensitive.
For example in the system which I work.
ping TestHost and ping testhost gives me the same output i.e I get the reply from the remote host
Is this applicable for all... (3 Replies)
Discussion started by: ajphaj
3 Replies
3. UNIX for Dummies Questions & Answers
I am attempting to write a shell script that runs a program which generates data and then runs another program to plot the data. The problem is that I need the plotting to take place in a different terminal window that stays open after the plotting has finished. I have experimented 'xterm -e '... (1 Reply)
Discussion started by: chris2051
1 Replies
4. UNIX and Linux Applications
I would like to set the root password for mysql databases installed on various machines connected within a network. These machines receive their mysql installation via a script that pulls the installation files from the server and starts installing. During installation I would also like to set the... (0 Replies)
Discussion started by: figaro
0 Replies
5. UNIX for Dummies Questions & Answers
Is there a way for me to take a parameter then store it in a variable and use its value as non case sensitive?
Ex.
Lets say i have a parameter which contains "Hey".
Then im gonna store it to GR using GR=$1.
CL=/install/$GR.g
How can i make GR non case sensitive so that the... (1 Reply)
Discussion started by: khestoi
1 Replies
6. Solaris
Hi
I'm trying to understand variable scopes in solaris10.
It is said that to display env variables we use 3 commands :
- env
- set
- export
What is the difference between them ?
thx for help.
---------- Post updated at 11:00 AM ---------- Previous update was at 10:50 AM ----------
... (2 Replies)
Discussion started by: presul
2 Replies
7. Solaris
Hi all,
I am writing this post in order to share my experience with the SUN nxge ethernet interfaces and try to see if some of you managed to solve similar issues than the ones we experienced here with T5520 running Solaris 10.
First, we noticed that it was somehow difficult to have those... (5 Replies)
Discussion started by: fpraile
5 Replies
8. Shell Programming and Scripting
Hi All,
select app from the menu:
ABC
DEF
GHI
JKL
ALL # ALL will select all the apps in the menu
echo "Enter your option"
read option;
if
then
<execute the below command>
elif # option is the 1 selection from menu...not ALL
<execute the below command>
else (14 Replies)
Discussion started by: Devaraj A
14 Replies
9. Post Here to Contact Site Administrators and Moderators
Hi
Kindly remove the following from the post . These are confidential info posted by mistake
https://www.unix.com/shell-programming-and-scripting/201037-perl-while-loop-each.html
please remove the comments section which is first 16 lines in the perl script .
Also please remove the ... (1 Reply)
Discussion started by: ptappeta
1 Replies
10. Solaris
I need to know what are the commands in Solaris to retrieve the below information about the hardware platform.
1. Chipset information (information about various hardware controller cards on the mother boards, system BIOS versions, PCI firmware version etc..)
2. Serial number of the work... (2 Replies)
Discussion started by: rajujayanthy
2 Replies
LEARN ABOUT DEBIAN
chpasswd
CHPASSWD(8) System Management Commands CHPASSWD(8)
NAME
chpasswd - update passwords in batch mode
SYNOPSIS
chpasswd [options]
DESCRIPTION
The chpasswd command reads a list of user name and password pairs from standard input and uses this information to update a group of
existing users. Each line is of the format:
user_name:password
By default the passwords must be supplied in clear-text, and are encrypted by chpasswd. Also the password age will be updated, if present.
By default, passwords are encrypted by PAM, but (even if not recommended) you can select a different encryption method with the -e, -m, or
-c options.
Except when PAM is used to encrypt the passwords, chpasswd first updates all the passwords in memory, and then commits all the changes to
disk if no errors occured for any user.
When PAM is used to encrypt the passwords (and update the passwords in the system database) then if a password cannot be updated chpasswd
continues updating the passwords of the next users, and will return an error code on exit.
This command is intended to be used in a large system environment where many accounts are created at a single time.
OPTIONS
The options which apply to the chpasswd command are:
-c, --crypt-method METHOD
Use the specified method to encrypt the passwords.
The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods.
By default, PAM is used to encrypt the passwords.
-e, --encrypted
Supplied passwords are in encrypted form.
-h, --help
Display help message and exit.
-m, --md5
Use MD5 encryption instead of DES when the supplied passwords are not encrypted.
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
-s, --sha-rounds ROUNDS
Use the specified number of rounds to encrypt the passwords.
The value 0 means that the system will choose the default number of rounds for the crypt method (5000).
A minimal value of 1000 and a maximal value of 999,999,999 will be enforced.
You can only use this option with the SHA256 or SHA512 crypt method.
By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in /etc/login.defs.
CAVEATS
Remember to set permissions or umask to prevent readability of unencrypted files by other users.
CONFIGURATION
The following configuration variables in /etc/login.defs change the behavior of this tool:
SHA_CRYPT_MIN_ROUNDS (number), SHA_CRYPT_MAX_ROUNDS (number)
When ENCRYPT_METHOD is set to SHA256 or SHA512, this defines the number of SHA rounds used by the encryption algorithm by default (when
the number of rounds is not specified on the command line).
With a lot of rounds, it is more difficult to brute forcing the password. But note also that more CPU resources will be needed to
authenticate users.
If not specified, the libc will choose the default number of rounds (5000).
The values must be inside the 1000-999,999,999 range.
If only one of the SHA_CRYPT_MIN_ROUNDS or SHA_CRYPT_MAX_ROUNDS values is set, then this value will be used.
If SHA_CRYPT_MIN_ROUNDS > SHA_CRYPT_MAX_ROUNDS, the highest value will be used.
Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM
configuration. It is recommended to set this variable consistently with the PAM configuration.
FILES
/etc/passwd
User account information.
/etc/shadow
Secure user account information.
/etc/login.defs
Shadow password suite configuration.
/etc/pam.d/chpasswd
PAM configuration for chpasswd.
SEE ALSO
passwd(1), newusers(8), login.defs(5), useradd(8).
shadow-utils 4.1.5.1 05/25/2012 CHPASSWD(8)