Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Passwords in /etc/shadow file
Operating Systems Solaris Passwords in /etc/shadow file Post 97565 by Perderabo on Tuesday 31st of January 2006 03:56:06 PM
Old 01-31-2006
I'm not a crypto expert, but I have to say that I am not convinced that md5 hashes constitute a successful replacement to the standard unix password hash. Before md5, we had md2 and md4 both of which failed to live up to their promises. In this paper, Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD demonstrate collisions for md5. It's especially jarring that they can find a collision for md4 by hand, no computer needed. And Bruce Snieder checks in with Opinion: Cryptanalysis of MD5 and SHA: Time for a new standard. On the other hand, it may be that stuff like md5 is unusually strong when hashing a very short string like a password. But I'm reluctant to use a new algorithm until it has proven itself for awhile.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

shadow file

Sirs, What is a shadow file,How it be usefull.For my project i have to keep the password in shawdow file also i am doing in php how can i do it. Thanks in advance, ArunKumar (3 Replies)
Discussion started by: arunkumar_mca
3 Replies

2. UNIX for Advanced & Expert Users

shadow file

what does 'x' in the encrypted password field in /etc/shaodw file represent? (3 Replies)
Discussion started by: jbashir
3 Replies

3. Programming

Shadow Passwords

I'm writing a 'C' program on various systems (HP-UX, Solaris, AIX, NCR) which needs to interact with a user's password. Some of my systems are using the shadow password and some are not. It is possible for some of my systems to have /etc/shadow, even though the box is not using the file (I know,... (4 Replies)
Discussion started by: chrisc@nwark.ne
4 Replies

4. Solaris

*LK* in /etc/shadow file

my etc/shadow file showing *LK* for a particular user.. can u tell me under which circumstances a user is locked (5 Replies)
Discussion started by: vikashtulsiyan
5 Replies

5. UNIX for Advanced & Expert Users

/etc/shadow file....

Does anyone know what "!!" represents in the password field of the /etc/shadow file? :confused: (6 Replies)
Discussion started by: avcert1998
6 Replies

6. UNIX for Dummies Questions & Answers

Shadow File

I see conflicting definitions for the shadow file. For Solaris, what are the fields please? Thanks. (3 Replies)
Discussion started by: DavidS
3 Replies

7. UNIX for Dummies Questions & Answers

Shadow file help

As a part of linux hardening In shadow file all Application accounts which are not locked must contain only an asterisk “*” in the Passwd field. But how would i do it by using command? Is there any way other than modifying shadow file to accomplish this task? (3 Replies)
Discussion started by: pinga123
3 Replies

8. Cybersecurity

Cracking complex passwords (/etc/shadow)

I'm doing some labs regarding password cracking on Linux machines. I took the shadow file from one of my virtual machines and it looks like below: bruno:$1$mrVjnhtj$bg47WvwLXN4bZrUNCf1Lh.:14019:0:99999:7::: From my understanding the most important piece regarding password cracking on linux... (1 Reply)
Discussion started by: bcaseiro
1 Replies

9. UNIX for Advanced & Expert Users

When did UNIX start using encrypted passwords, and not displaying passwords when you type them in?

I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies

LEARN ABOUT DEBIAN

digest::md5::file

File(3pm)						User Contributed Perl Documentation						 File(3pm)

NAME

       Digest::MD5::File - Perl extension for getting MD5 sums for files and urls.

SYNOPSIS

	   use Digest::MD5::File qw(dir_md5_hex file_md5_hex url_md5_hex);

	   my $md5 = Digest::MD5->new;
	   $md5->addpath('/path/to/file');
	   my $digest = $md5->hexdigest;

	   my $digest = file_md5($file);
	   my $digest = file_md5_hex($file);
	   my $digest = file_md5_base64($file);

	   my $md5 = Digest::MD5->new;
	   $md5->addurl('http://www.tmbg.com/tour.html');
	   my $digest = $md5->hexdigest;

	   my $digest = url_md5($url);
	   my $digest = url_md5_hex($url);
	   my $digest = url_md5_base64($url);

	   my $md5 = Digest::MD5->new;
	   $md5->adddir('/directory');
	   my $digest = $md5->hexdigest;

	   my $dir_hashref = dir_md5($dir);
	   my $dir_hashref = dir_md5_hex($dir);
	   my $dir_hashref = dir_md5_base64($dir);

DESCRIPTION

	 Get MD5 sums for files of a given path or content of a given url.

EXPORT

       None by default.  You can export any file_* dir_*, or url_* function and anything Digest::MD5 can export.

	  use Digest::MD5::File qw(md5 md5_hex md5_base64); # 3 Digest::MD5 functions
	  print md5_hex('abc123'), "
";
	  print md5_base64('abc123'), "
";

OBJECT METHODS

   addpath()
	   my $md5 = Digest::MD5->new;
	   $md5->addpath('/path/to/file.txt')
	       or die "file.txt is not where you said: $!";

       or you can add multiple files by specifying an array ref of files:

	   $md5->addpath(@files);

   adddir()
       addpath()s each file in a directory recursively. Follows the same rules as the dir_* functions.

	   my $md5 = Digest::MD5->new;
	   $md5->adddir('/home/tmbg/')
	       or die "See warning above to see why I bailed: $!";

   addurl()
	   my $md5 = Digest::MD5->new;
	   $md5->addurl('http://www.tmbg.com/tour.html')
	       or die "They Must Be not on tour";

file_* functions
       Get the digest in variouse formats of $file.  If file does not exist or is a directory it croaks (See NOFATALS for more info)

	   my $digest = file_md5($file) or warn "$file failed: $!";
	   my $digest = file_md5_hex($file) or warn "$file failed: $!";
	   my $digest = file_md5_base64($file) or warn "$file failed: $!";

dir_* functions
       Returns a hashref whose keys are files relative to the given path and the values are the MD5 sum of the file or and empty string if a
       directory.  It recurses through the entire depth of the directory.  Symlinks to files are just addpath()d and symlinks to directories are
       followed.

	   my $dir_hashref = dir_md5($dir) or warn "$dir failed: $!";
	   my $dir_hashref = dir_md5_hex($dir) or warn "$dir failed: $!";
	   my $dir_hashref = dir_md5_base64($dir) or warn "$dir failed: $!";

url_* functions
       Get the digest in various formats of the content at $url (Including, if $url points to directory, the directory listing content).  Returns
       undef if url fails (IE if LWP::UserAgent's $res->is_success is false)

	   my $digest = url_md5($url) or warn "$url failed";
	   my $digest = url_md5_hex($url) or warn "$url failed";
	   my $digest = url_md5_base64($url) or warn "$url failed";

SPECIAL SETTINGS

   BINMODE
       By default files are opened in binmode. If you do not want to do this you can unset it a variety of ways:

	   use Digest::MD5::File qw(-nobin);

       or

	   $Digest::MD5::File::BINMODE = 0;

       or at the function/method level by specifying its value as the second argument:

	   $md5->addpath($file,0);

	   my $digest = file_md5_hex($file,0);

   UTF8
       In some cases you may want to have your data utf8 encoded, you can do this the following ways:

	   use Digest::MD5::File qw(-utf8);

       or

	   $Digest::MD5::File::UTF8 = 1;

       or at the function/method level by specifying its value as the third argument for files and second for urls:

	   $md5->addpath($file,$binmode,1);

	   my $digest = file_md5_hex($file,$binmode,1);

	   $md5->addurl($url,1);

	   url_md5_hex($url,1);

       It use's Encode's encode_utf8() function to do the encoding. So if you do not have Encode (pre 5.7.3) this won't work :)

   NOFATALS
       Instead of croaking it will return undef if you set NOFATALS to true.

       You can do this two ways:

	   $Digest::MD5::File::NOFATALS = 1;

       or the -nofatals flag:

	   use Digest::MD5::File qw(-nofatals);

	   my $digest = file_md5_hex($file) or die "$file failed";

       $! is not set so its not really helpful if you die().

SEE ALSO

       Digest::MD5, Encode, LWP::UserAgent

AUTHOR

       Daniel Muey, <http://drmuey.com/cpan_contact.pl>

COPYRIGHT AND LICENSE

       Copyright 2005 by Daniel Muey

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.14.2							    2012-04-04								 File(3pm)
All times are GMT -4. The time now is 03:41 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy