I noticed that our /etc/shadow file is readable on a patch I released for one of our in house linux boxes a while back ago. Could they use it to gain access the root account etc? Our passwords are all MD5 encrypted.
View 5 RepliesI've been trying to write php or perl code to generate the sha-512 password hashes in fedora. I've been unable to do the hashing which is encoded in the shadow file on fedora core 11. Does anyone have php or perl code which provides the hashing algorithm. (All of my attempts result in the encrypted hashing being longer than 86 character -- the length that crypt says the sha-512 should be)
View 3 Replies View RelatedMay i ask if how or should i concern about my history records my rdesktop full cmd. I dont want to disable my history in the cmd and want to use it.
Im using rdesktop cmd since it more easy and direct to connect to a terminal RDP. I noticed the history records all my full command rdesktop which state the domain, user ,password. in txt mode..May i ask if this has any problem should i concern with..
The /etc/shadow file contains an id of $1$, $2$, $5$ or $6$ to show the encryption method used.A salt follows this,followed by the password hash.When a user is created and a password is set, a hash is RANDOMLY generated and used as the salt to the password hash. Everytime that user logs in, login checks /etc/shadow for the $id$ and salt and runs the password given by the user through the hash mechanism ($id$) using the salt in /etc/shadow.So basically does login look at /etc/shadow for the $id$ and salt to create a hash with which to compare to the /etc/shadow hash?question 2 - If my $id$ was $5$, which is sha256, how would i go about changing this? Like is there a shadow.conf or crypt.conf or something? Can i change it per user?
View 2 Replies View RelatedToday i was going through some of security guides written on linux .Under shadow file security following points were mentioned.1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.2)Usernames in shadow file must satisfy to all the same rules as usernames in /etc/passwd.3)password for application Username should display * if username is not locked.4)If a user is locked it should be displayed as ! as the first character in second field of shadow file.
Confusion for point 1 and 2:Now i m confused as why the encrypted password should be more than 14-25 characters.Also what rules to satisfy How to check it?Confusion for point 3 and 4:There are lot of users with * as second field i guess they are not locked but according to 4th point there are lot of users with ! as first characters.How would i check whether they are actually locked or not.I m posting the output of /etc/shadow and /etc/passwd files for the account.
I would like to grep all values other than encrypted password from /etc/shadow fileFor example,each line consists of 8 fields separated with :/The only thing that I want not to print out is the contents between first : and second : (encrypted password)
View 7 Replies View RelatedI am working on building a customized ISO image of a server based on linux. The thing is after the server is installed and run for the first time, three users have to be created for the various services to run properly. I want this to be automated. To achieve this what is was thinking is automatically enter the user entries in the /etc/passwd and /etc/shadow files through init scripts when the server starts for the first time after the installation. I tried creating user and assigning password in one of my machine, and the /etc/passwd and the /etc/shadow entries of this user I copied it into the other machine and tried login in on the other machine and everything worked fine. How I am trying to achieve this.
View 1 Replies View RelatedI want to know, how does changes happened in the encrypted password in /etc/shadow file , when user changing password . because user doesnot have access on that file
View 1 Replies View RelatedI am moving my Linux server from Suse 10 to Ubuntu 9.04 and I moved the significant parts of /etc/shadow, /etc/passwd, and /etc/group over to Ubuntu 9.04. I am not able to login into the computer with the old accounts. The only problem I see is that the old accounts use Blowfish and DES to encrypt the passwords in /etc/shadow, and Ubuntu uses SHA512. If I change the passwords, the accounts will work. However; I have about 300 accounts to move, and I don't want to do that to all of them. I have tired Ubuntu Forums and talked to every linux expert I know, and no one has an answer.
View 7 Replies View RelatedI need to manually convert an string ( like with echo ) to a DES crypt format to be inserted inside a /etc/shadow file, does anybody knows how can I do that?
Maybe there are some little tool that could handle that operation, well.. I don't know, hope someone can give me a hint on that.
In what cases would a user appear in /etc/shadow and not /etc/passwd
View 2 Replies View RelatedI am trying to write a remote access module. Is there any function in linux where I can give string (password entered by user) and compare it with the actual user password stored in /etc/shadow. Since the password is stored encrypted in /etc/shadow I cannot parse and compare. So I want some method to compare if my user entered the correct password..Is there any function for that..
View 6 Replies View Relatedi use SHA-512 algorithm in the /etc/shadow File But i Want to use my lgorithm ..
how i can remove the sha-512 and use my algoritm ? Because no one can des encrypt it !! He Not Know the algorithm method
I need to create a script that returns a list of the users who have never changed their password from /etc/shadow. As I know on linux there is a command "chage" used for find last password change.
View 2 Replies View Relatedi have installed Ossec and save it on my sql database but the timestamp of alert is not human readable, how to make it readable ? is there algorithm to make it readable?
View 1 Replies View RelatedHI am facing the strange issue in netbeans on ubuntu 9.04. whenever the file contains more than 3000 lines the characters overlap on each other and the file is not readable, where as if the file is less than 3000 lines it works fine. what may be the reason ?
View 2 Replies View RelatedThis is weird, today I updated my system and while trying to visudo from single user mode got
"cannot read /etc/shadow: Permission denied"
which kept me from doing anything until I switched to file permissions of 400 on shadow, then back. Is this being experienced by anyone else or just me? /etc/security/limits.conf doesn't seem like it wants to change in enforcing mode either and I can't find any alerts to provide clues on the situation.
I'm trying to setup ssh access on my Fedora 12 laptop. I get the following error message in /var/log/secure when I try to login from another machine using ssh and the login is denied:
Code:
sshd[3025]: error: Could not get shadow information for <user>
sshd[3025]: Failed password for <user> from <ip> port <port> ssh2
If I do a 'setenforce 0' I can login and no error is logged.
I have noticed and this now worries me, if I export a KeePassX xml file then open it with a text editor I can see all my �private� details.Just tested it on my old desktop with Slitaz and open the exported file with leafpad text editor and I can see my details just the same.Previously I used RoboForm and when viewing an exported file in the same way you could not make out any of my details. Is KeePassX designed this way or have I not used KeePassX correctly.I have posted this on KeePassX forum and emailed them direct with no response so far.Ubuntu 11.04.
View 9 Replies View Relatedam fiddling around using an AES encrypted password which is stored in passwd.txt:cat ../passwd/passwd.txt
{AES}yTMWTrdbuPtCxikvv5udVDTQ70anBVVKvP+GPQEH1RY=Yet I like to interpret this password on the command line using svn checkout, so I do not have to type in my password ( which is visible on the command line):Exporting the variable SVNPASS reading it from the passwd.txt ( export SVNPASS=`cat <../passwd/passwd.txt`) won't work obviously as it interprets it as "text", so my question is, if there is a proper way to interpret this stored AES password so I can read it from the file?The alternative is to type in the password on the command line, but this needs to be invisible eitehr showing #, * or "hidden".
the last option is described: http://www.tech-recipes.com/rx/278/h...-shell-script/
I was wondering how to password protect certain file folders?
View 6 Replies View RelatedIs there a program that allows me to password lock a single file or folder?
View 5 Replies View RelatedI recently mashed the passwd, shadow, gshadow, group files in my Fedora 12 installation. I was dumb and didn't take a copy of the originals and all I have is the originals from a Fedora 11 installation.
View 2 Replies View RelatedIm using opennms network configuration backup server called 'RANCID'.It run on top of RHEL5 system and using APache. Here's the link which i'm accessing [URL] But any one can access this URL and obtain my configuration files
I want to secure this using a logon page.allow login Only for the successful authentications by entering the predefined username and password But after get authenticate book marking the above URL still can access anyone since it didnt prompt username and password again In eachtime executing the above url it should direct to authenticate page
i am new to debian. I need to know after booting sequence login shell appears to get username and password. so what happens when user puts username and password ?? how this given username and password are matched with /etc/shadow file ??
my another question is what is role of /etc/pam.d/ authenticating username and password ?? does it work with shadow file or not ?
I am just wondering what encryption method the shadow file uses, so that I may be able to manually change it. I ask this because I am trying to make a web page that will allow people to change their linux password via a browser.
View 4 Replies View RelatedI have been scouring the internet looking for a good solution to reading .pdb eBooks on Linux.It seems that there isn't one.Could you perhaps recommend a good app to either convert the file easily into something readable or (more preferably) an app that can read them?
View 3 Replies View RelatedI'm running RHEL 5. When using the GUI System>Administration>Users and Groups, I get the error: The user database cannot be read. This problem is most likely caused by a mismatch between /etc/passwd and /etc/shadow or /etc/group and /etc/gshadow. The program will exit now.
Some research showed that I need to use vipw and vigr respectively to find an inconsistency between these two sets, which I did - to make it easy I copied each from [vipw | vigr] to an excel file and did =exact(%1, %2). There are no inconsistencies.
[Code]...
I'm trying to learn how to create a user account manually on the system, and I've edited the /etc/passwd and /etc/groups as well as creating a new home directory by copying /etc/skel but I'm stuck at how to generate an entry in the /etc/shadow file since it comprises of the hash and all?
View 4 Replies View RelatedI deleted root from passwd and shadow file.Can I crate a new root user?
View 1 Replies View Related