General :: Shadow File Password Policy?

Oct 1, 2010

Today i was going through some of security guides written on linux .Under shadow file security following points were mentioned.1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.2)Usernames in shadow file must satisfy to all the same rules as usernames in /etc/passwd.3)password for application Username should display * if username is not locked.4)If a user is locked it should be displayed as ! as the first character in second field of shadow file.

Confusion for point 1 and 2:Now i m confused as why the encrypted password should be more than 14-25 characters.Also what rules to satisfy How to check it?Confusion for point 3 and 4:There are lot of users with * as second field i guess they are not locked but according to 4th point there are lot of users with ! as first characters.How would i check whether they are actually locked or not.I m posting the output of /etc/shadow and /etc/passwd files for the account.

View 11 Replies


ADVERTISEMENT

General :: Grep All Values Other Than Encrypted Password From /etc/shadow File?

Jan 14, 2010

I would like to grep all values other than encrypted password from /etc/shadow fileFor example,each line consists of 8 fields separated with :/The only thing that I want not to print out is the contents between first : and second : (encrypted password)

View 7 Replies View Related

Security :: Shadow File Readable - MD5 Password Exposed

Jun 7, 2010

I noticed that our /etc/shadow file is readable on a patch I released for one of our in house linux boxes a while back ago. Could they use it to gain access the root account etc? Our passwords are all MD5 encrypted.

View 5 Replies View Related

Server :: Adding Entries Directly In Password Shadow File

Mar 11, 2011

I am working on building a customized ISO image of a server based on linux. The thing is after the server is installed and run for the first time, three users have to be created for the various services to run properly. I want this to be automated. To achieve this what is was thinking is automatically enter the user entries in the /etc/passwd and /etc/shadow files through init scripts when the server starts for the first time after the installation. I tried creating user and assigning password in one of my machine, and the /etc/passwd and the /etc/shadow entries of this user I copied it into the other machine and tried login in on the other machine and everything worked fine. How I am trying to achieve this.

View 1 Replies View Related

Server :: Changes Happened In /etc/shadow File, When User Changing Password?

Jan 24, 2011

I want to know, how does changes happened in the encrypted password in /etc/shadow file , when user changing password . because user doesnot have access on that file

View 1 Replies View Related

Fedora Security :: Generating Password Hashes Compatible With FC11/sha-512 Shadow File?

Jul 3, 2009

I've been trying to write php or perl code to generate the sha-512 password hashes in fedora. I've been unable to do the hashing which is encoded in the shadow file on fedora core 11. Does anyone have php or perl code which provides the hashing algorithm. (All of my attempts result in the encrypted hashing being longer than 86 character -- the length that crypt says the sha-512 should be)

View 3 Replies View Related

General :: Password Policy Affecting Root User ?

Aug 3, 2011

I am using pam module to set password policy in my SuSE linux machine. This is my /etc/pam.d/common-password file:

Now if root user tries to change the password of a normal user, giving the same password, it is throwing an error saying "Password has been already used. Choose another".

Example:
> passwd user1
> password1 (set successfully)
> passwd user1
> password1 (Password has been already used. Choose another)

This should not happen with the root user.

View 2 Replies View Related

General :: Converting A String To An Shadow Password Format

Apr 15, 2010

I need to manually convert an string ( like with echo ) to a DES crypt format to be inserted inside a /etc/shadow file, does anybody knows how can I do that?

Maybe there are some little tool that could handle that operation, well.. I don't know, hope someone can give me a hint on that.

View 3 Replies View Related

General :: Display Password Policy Information For A User - Ubuntu?

Jun 9, 2010

Ubuntu Documentation > Ubuntu 9.04 > Ubuntu Server Guide > Security > User Management states that there is a default minimum password length for Ubuntu:

Say the password is to be modified by the user using passwd. Is there a command for displaying the current password policies for a user (such as the chage command displays the password expiration information for a specific user)?

This is rather than examining various places that control the policy and interpreting them since the process could contain errors. A command that reports the composed policy would be used to check the policy setting steps.

View 1 Replies View Related

General :: What Encryption Does The /etc/shadow File Use For Passwords

Nov 26, 2009

I am just wondering what encryption method the shadow file uses, so that I may be able to manually change it. I ask this because I am trying to make a web page that will allow people to change their linux password via a browser.

View 4 Replies View Related

General :: Deleted Root From Passwd And Shadow File

Oct 7, 2010

I deleted root from passwd and shadow file.Can I crate a new root user?

View 1 Replies View Related

General :: Using Fedora 11 Password, Shadow, Gshadow, Group Files In Fedora 12?

Apr 28, 2010

I recently mashed the passwd, shadow, gshadow, group files in my Fedora 12 installation. I was dumb and didn't take a copy of the originals and all I have is the originals from a Fedora 11 installation.

View 2 Replies View Related

General :: Password/shadow Or Group/gshadow Mismatch - Error "user Database Cannot Be Read"

Aug 6, 2010

I'm running RHEL 5. When using the GUI System>Administration>Users and Groups, I get the error: The user database cannot be read. This problem is most likely caused by a mismatch between /etc/passwd and /etc/shadow or /etc/group and /etc/gshadow. The program will exit now.

Some research showed that I need to use vipw and vigr respectively to find an inconsistency between these two sets, which I did - to make it easy I copied each from [vipw | vigr] to an excel file and did =exact(%1, %2). There are no inconsistencies.

[Code]...

View 1 Replies View Related

Software :: Password Encryption In /etc/shadow?

Jun 16, 2009

I am moving my Linux server from Suse 10 to Ubuntu 9.04 and I moved the significant parts of /etc/shadow, /etc/passwd, and /etc/group over to Ubuntu 9.04. I am not able to login into the computer with the old accounts. The only problem I see is that the old accounts use Blowfish and DES to encrypt the passwords in /etc/shadow, and Ubuntu uses SHA512. If I change the passwords, the accounts will work. However; I have about 300 accounts to move, and I don't want to do that to all of them. I have tired Ubuntu Forums and talked to every linux expert I know, and no one has an answer.

View 7 Replies View Related

Server :: Enable A Password Policy For Squirrelmail?

Jul 29, 2011

My organisation is running squirrelmail on a redhat server. When users are created , at that time the admin sets a password. Thereafter the user can login to his account using the password. But he can't change it as is the case with gmail or yahoo mail. Also the password for any account is known to the admin in addition to the user himself - a weak security arrangement !So what I wish to do is provide a way for users to change his password anytime he wants and also during the first login - as is normally done in banking sites, etc

View 14 Replies View Related

Security :: Shadow Password Hashes - If My $id$ Was $5$, Which Is Sha256?

Apr 26, 2011

The /etc/shadow file contains an id of $1$, $2$, $5$ or $6$ to show the encryption method used.A salt follows this,followed by the password hash.When a user is created and a password is set, a hash is RANDOMLY generated and used as the salt to the password hash. Everytime that user logs in, login checks /etc/shadow for the $id$ and salt and runs the password given by the user through the hash mechanism ($id$) using the salt in /etc/shadow.So basically does login look at /etc/shadow for the $id$ and salt to create a hash with which to compare to the /etc/shadow hash?question 2 - If my $id$ was $5$, which is sha256, how would i go about changing this? Like is there a shadow.conf or crypt.conf or something? Can i change it per user?

View 2 Replies View Related

Software :: Check A String With Actual User Passwd (ie Password In /etc/shadow)?

Sep 24, 2009

I am trying to write a remote access module. Is there any function in linux where I can give string (password entered by user) and compare it with the actual user password stored in /etc/shadow. Since the password is stored encrypted in /etc/shadow I cannot parse and compare. So I want some method to compare if my user entered the correct password..Is there any function for that..

View 6 Replies View Related

OpenSUSE Hardware :: Using Policy Kit To Restrict Removable Mounting To Prompt For Root Password?

May 26, 2010

i using policy kit to restrict removable mounting to prompt for root password, but on 11.2, I am unable to do so.i read out, ver 11.2 not longer using hal and policykit, rather sth like freedesktop.org policy.

View 9 Replies View Related

Programming :: Create A Script That Returns A List Of The Users Who Have Never Changed Their Password From /etc/shadow

May 17, 2011

I need to create a script that returns a list of the users who have never changed their password from /etc/shadow. As I know on linux there is a command "chage" used for find last password change.

View 2 Replies View Related

General :: What Is The Purpose Of Having "/etc/shadow" File

May 15, 2010

we can save the users password in /etc/password file itself.then why a special file /etc/shadow is created to save the encripted password of users.

View 2 Replies View Related

Debian :: How /etc/shadow File Authenticates An User ?

Feb 9, 2011

i am new to debian. I need to know after booting sequence login shell appears to get username and password. so what happens when user puts username and password ?? how this given username and password are matched with /etc/shadow file ??

my another question is what is role of /etc/pam.d/ authenticating username and password ?? does it work with shadow file or not ?

View 3 Replies View Related

Security :: Periodic Update Of Tripwire Policy File?

Jul 1, 2010

I have tripwire 2.4.1.2 running on one of our servers on a daily basis, and I was curious to know if it is good practice to periodically update the policy file. The reason for my asking that is while the daily reports that I get indicate there have been changes to files on a daily basis, there are also files that have not been modified for over a month. My thinking is an update of the policy file will establish an updated baseline, and those files that have not been changed for so long will not be reported on until they get changed again.

View 1 Replies View Related

Ubuntu :: Manually Generate An Entry In The /etc/shadow File?

Oct 25, 2010

I'm trying to learn how to create a user account manually on the system, and I've edited the /etc/passwd and /etc/groups as well as creating a new home directory by copying /etc/skel but I'm stuck at how to generate an entry in the /etc/shadow file since it comprises of the hash and all?

View 4 Replies View Related

Programming :: Replace A Hash In A Shadow File Not Using Passwd?

Aug 5, 2010

What is the easiest way to replace a hash in a shadow file for one particular user, not using passwd, and when the current password is unknown?

View 3 Replies View Related

General :: Remove Write-Protected File - Will It Actually Delete The Password File?

Jul 30, 2010

When I ls -l /etc/passwd, -rw-r--r-- 1 root root /etc/passwd When I login as myself, and rm /etc/passwd, it asks: rm: remove write-protected file '/etc/passwd'? If I say yes, will it actually delete the passwd file?

View 1 Replies View Related

General :: Change Password Using A Script File And Text File?

Jun 26, 2011

This is for educational purpose. In fact it is my lab tutorial for a subject.I want to capture the users password when he changes his password. Both new and old.This is the script i have come up with:

Code:
#!/bin/bash
echo "Changing password for user $USER."

[code]...

View 5 Replies View Related

General :: Write (Through Or Back) Policy On RAID 1 / 10

Sep 2, 2009

I am trying to prepare my PowerEdge 2950 before CentOS 5.3 installation(web server). I have hardware RAID 1/10 so I will have 2 virtual disks(VD).
First VDRAID 1) - 2 physical disks
Second VDRAID 10) - 4 physical disks
What should be write policy for the VD(RAID 1) and for the VD(RAID 10)? I would have "/var" and maybe "/tmp" on RAID 10.

View 1 Replies View Related

General :: Default Policy SH Does Not Support Version

Jun 13, 2010

When I try to install my propriety graphics driver. I don't know what it means. Here are the steps I took and what resulted:

killerzen@Decode666:~$ cd ~/Desktop
killerzen@Decode666:~/Desktop$ chmod +x ati-driver-installer-9.2-x86.x86_64.run
killerzen@Decode666:~/Desktop$ ./ati-driver-installer-9.2-x86.x86_64.run
Created directory fglrx-install.pHiKQh
Verifying archive integrity... All good.
Uncompressing ATI Proprietary Linux Driver-8.582
ATI Technologies Linux Driver Installer/Packager

Error: ./default_policy.sh does not support version
default:v2:i686:lib::none:2.6.32-22-generic; make sure that the version is being
correctly set by --iscurrentdistro
Removing temporary directory: fglrx-install.pHiKQh

View 14 Replies View Related

General :: Normal For /etc/shadow To Change It's Timestamp?

Aug 1, 2010

I noticed that file /etc/shadow changed it's timestamp.Why it is changed? Is it "normal"?

View 4 Replies View Related

General :: Create Shadow Pasword Hash Manually?

Oct 14, 2010

How to create the password hash exactly the same as in shadow file (from the command line)?

The command
openssl passwd -crypt
returns something different.

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved