UNIX for Advanced & Expert Users

I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the requirements are that passwords not be displayed when you type it as you log in, and that passwords not be stored in clear text. Can anyone point me to some documentation saying either that UNIX has never done those things, or when UNIX (AIX, specifically, but other flavors might be helpful later on) stopped doing those things?

Something like that you want ?

Code:

#!/bin/bash
# secret-pw.sh: secret password
echo
echo -n "Enter password "
read passwd
echo "password is $passwd"
echo -n "If someone had been looking over your shoulder, "
echo "your password would have been compromised."
echo && echo # Two line-feeds in an "and list."
stty -echo # Turns off screen echo.
echo -n "Enter password again "
read passwd
echo
echo "password is $passwd"
echo
stty echo

I've used many flavours of unix since 1980 and Linux since 1992, I have yet to see one that echos anything back to the screen.

Here is the link to RFC86 which was the Pluggable Authentication Modules, but I can say that before that I had never seen a password echoed on any of the many versions that I had worked with.

These included DG's MVUX and DGUX, Dynix, Olivetti Unix, CT Unix and a number of others.

Research the crypt function for details on how UNIX password encryption worked historically, and the shadow system for when they moved that out of /etc/passwd completely.

UNIX as its now known never stored passwords in plaintext, that would be preposterous. /etc/passwd must be world-readable, they must be protected in some way. They didn't just encrypt the passwords, they encrypted them irretrievably. Not even the operating system can tell what the hashes are supposed to mean. Instead, when you login, it takes a hash of what you typed and compares the result to see if it's identical to the hash stored in /etc/passwd. If they match, you login.

There turned out to be vulnerabilities in letting everyone see all the hashes. If you happen to have the same password as someone else, you might notice the identical hash, something they fixed with a random salt which obscures the hashes from being checked quite so easily. Still, however, you can't go backwards from a hash, but you can check a thousand strings from a dictionary and all 256 of their salts to see if any of them become that same hash. They took measures to make crypt() too unwieldy to do that quickly, but advances in computing soon made it not unwieldy enough, and the password hashes were split out into a "shadow" file, which is only readable by root.

The old-fashioned UNIX crypt() algorithm is is mostly obsolete, now, but has been extended to allow other kinds of encryption in the same sort of stored hash.

As for echoing back to the screen, UNIX terminal control is also about as old as UNIX itself -- what else would they control them with back then? I suspect the ability to turn off echo predates UNIX, even.

Hi.

Note also that the original terminal for UNIX (TM) was in fact a teletype -- a TTY. That, and many hardcopy devices, would always show the text as it was typed in, so the 8 character-space for the password was obscured beforehand with a series of over-strikes, so that it was very difficult to see what had been typed by the human. Still the NSA could ... but that's a different story, eh? ... cheers, drl

It certainly does.