Operating Systems Solaris Passwords in /etc/shadow file Post 97565 by Perderabo on Tuesday 31st of January 2006 03:56:06 PM
I'm not a crypto expert, but I have to say that I am not convinced that md5 hashes constitute a successful replacement for the standard unix password hash. Before md5, we had md2 and md4, both of which failed to live up to their promises. In the paper Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD, the authors demonstrate collisions for md5. It's especially jarring that they can find a collision for md4 by hand, no computer needed. And Bruce Schneier checks in with Opinion: Cryptanalysis of MD5 and SHA: Time for a new standard. On the other hand, it may be that stuff like md5 is unusually strong when hashing a very short string like a password. But I'm reluctant to use a new algorithm until it has proven itself for a while.
 

otp(3tcl)                RFC 2289 A One-Time Password System                otp(3tcl)

NAME
       otp - One-Time Passwords

SYNOPSIS
       package require Tcl 8.2
       package require otp ?1.0.0?

       ::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data
       ::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data
       ::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data
       ::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data

DESCRIPTION
       This package is an implementation in Tcl of the One-Time Password system as described in RFC 2289 [1]. This system uses message-digest algorithms to sequentially hash a passphrase to create single-use passwords. The resulting data is then provided to the user as either hexadecimal digits or encoded using a dictionary of 2048 words. This system is used by OpenBSD for secure login and can be used as a SASL mechanism for authenticating users.

       In this implementation we provide support for four algorithms that are included in the tcllib distribution: MD5 [2], MD4 [3], RIPE-MD160 [4] and SHA-1 [5].

COMMANDS
       ::otp::otp-md4 ?-hex? ?-words? -seed seed -count count data
       ::otp::otp-md5 ?-hex? ?-words? -seed seed -count count data
       ::otp::otp-sha1 ?-hex? ?-words? -seed seed -count count data
       ::otp::otp-rmd160 ?-hex? ?-words? -seed seed -count count data

EXAMPLES
       % otp::otp-md5 -count 99 -seed host67821 "My Secret Pass Phrase"
       (binary gibberish)
       % otp::otp-md5 -words -count 99 -seed host67821 "My Secret Pass Phrase"
       SOON ARAB BURG LIMB FILE WAD
       % otp::otp-md5 -hex -count 99 -seed host67821 "My Secret Pass Phrase"
       e249b58257c80087

REFERENCES
       [1] Haller, N. et al., "A One-Time Password System", RFC 2289, February 1998. (http://www.rfc-editor.org/rfc/rfc2289.txt)

       [2] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, MIT and RSA Data Security, Inc, April 1992. (http://www.rfc-editor.org/rfc/rfc1321.txt)

       [3] Rivest, R., "The MD4 Message Digest Algorithm", RFC 1320, MIT, April 1992. (http://www.rfc-editor.org/rfc/rfc1320.txt)

       [4] H. Dobbertin, A. Bosselaers, B. Preneel, "RIPEMD-160, a strengthened version of RIPEMD". (http://www.esat.kuleuven.ac.be/~cosicart/pdf/AB-9601/AB-9601.pdf)

       [5] "Secure Hash Standard", National Institute of Standards and Technology, U.S. Department Of Commerce, April 1995. (http://www.itl.nist.gov/fipspubs/fip180-1.htm)

BUGS, IDEAS, FEEDBACK
       This document, and the package it describes, will undoubtedly contain bugs and other problems. Please report such in the category otp of the Tcllib SF Trackers [http://sourceforge.net/tracker/?group_id=12883]. Please also report any ideas for enhancements you may have for either package and/or documentation.

SEE ALSO
       SASL, md4, md5, ripemd160, sha1

KEYWORDS
       hashing, message-digest, password, rfc 2289, security

CATEGORY
       Hashes, checksums, and encryption

COPYRIGHT
       Copyright (c) 2006, Pat Thoyts <patthoyts@users.sourceforge.net>

otp 1.0.0                                                                  otp(3tcl)
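
The sequential hashing described under DESCRIPTION, together with the server-side check that makes each password single-use, as an added Python example (not part of the man page and not the tcllib package's code). It goes beyond the man page by showing verification as RFC 2289 specifies it for MD5; OtpVerifier, demo and the enrolment at count 100 are hypothetical names and constructed values.

```python
import hashlib
import hmac

def fold64(digest: bytes) -> bytes:
    """RFC 2289 MD5 folding: XOR the two 8-byte halves of the digest."""
    return bytes(a ^ b for a, b in zip(digest[:8], digest[8:]))

def step(value: bytes) -> bytes:
    """One application of the OTP function: MD5, then fold to 64 bits."""
    return fold64(hashlib.md5(value).digest())

def otp_md5(passphrase: str, seed: str, count: int) -> bytes:
    """Client side: hash seed+passphrase once, then `count` more times."""
    value = step(seed.lower().encode() + passphrase.encode())
    for _ in range(count):
        value = step(value)
    return value

class OtpVerifier:
    """Server side (hypothetical class): keeps only the last accepted OTP."""
    def __init__(self, seed: str, count: int, last_otp: bytes):
        self.seed, self.count, self.last_otp = seed, count, last_otp

    def challenge(self) -> str:
        # The next login must present the OTP for sequence number count-1.
        return f"otp-md5 {self.count - 1} {self.seed}"

    def verify(self, candidate: bytes) -> bool:
        if self.count <= 0:
            return False  # chain used up: re-initialise with a new seed
        # Hashing the candidate once must reproduce the stored value.
        if not hmac.compare_digest(step(candidate), self.last_otp):
            return False
        # Accept and move down the chain so this OTP cannot be replayed.
        self.last_otp, self.count = candidate, self.count - 1
        return True

def demo() -> list:
    # Constructed enrolment: the server starts with the OTP for count 100.
    phrase, seed = "My Secret Pass Phrase", "host67821"
    server = OtpVerifier(seed, 100, otp_md5(phrase, seed, 100))
    first = otp_md5(phrase, seed, 99)
    return [
        server.challenge(),                         # asks for sequence 99
        server.verify(first),                       # hashes to stored value
        server.verify(first),                       # replay of a used OTP
        server.verify(otp_md5(phrase, seed, 98)),   # next value in the chain
        server.verify(otp_md5("wrong phrase", seed, 97)),
    ]
```

The server never holds the passphrase, and a stolen stored value only yields OTPs that have already been used, since producing the next one requires inverting the folded hash.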