LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 04-04-2003, 04:03 AM   #1
teeno
Member
 
Registered: Jul 2001
Posts: 72

Rep: Reputation: 15
User Names & passwords Backup


Hi,

I am running Redhat Linux 7.0 with over 30 users set-up. I current backup all personal files and system files that I need to be able to restore the server if it fails. But I am unsure if I will be able to restore all user names and passwords without re-entering them all.

Please can some one tell me how I can make sure that I will be able to restore all user information if I need to?

Thanks,

Pete
 
Old 04-04-2003, 08:11 AM   #2
wapcaplet
Guru
 
Registered: Feb 2003
Location: Colorado Springs, CO
Distribution: Gentoo
Posts: 2,018

Rep: Reputation: 48
As far as I know, all information needed to specify the users available on the system is saved in /etc/passwd, along with /etc/shadow if you have shadow passwords enabled. Group information is saved in /etc/groups.

All these files are plain ASCII text, so I presume you could just make backups of these, and restore them later if something bad happens (actually, backing up the entire /etc/ directory wouldn't be a bad idea, since it contains config stuff for everything else too).

Though, I have not experimented much with backups... perhaps there is a better system for doing this.

By the way, nobody's password is actually saved anywhere. /etc/passwd (or /etc/shadow, if shadow is on) simply contains a string of garbage known as a hash. When you enter your password, it gets hashed into garbage in a particular way. If the garbage matches the garbage in /etc/passwd, you get to log in. The hash function is one-way, meaning you can't figure out what someone's password is from the hash (without a ridiculous amount of brute-force guessing). Just a tidbit of info if you are interested
 
Old 04-04-2003, 08:27 AM   #3
teeno
Member
 
Registered: Jul 2001
Posts: 72

Original Poster
Rep: Reputation: 15
Thanks.

I already backup the /etc directory so I should be OK. I will have to try restoring onto another system and see if it works.

Cheers,
Peter
 
Old 04-04-2003, 09:32 AM   #4
fsbooks
Member
 
Registered: Jan 2002
Location: Missoula. Montana, USA
Distribution: fedora, slackware, suse
Posts: 447

Rep: Reputation: 31
Nice to hear someone actually doing critical backups ;-) Note that the brute force needed to break passwords is not so significant these days with the current speed of computers. It is one reason shadow passwords are typically (and should be) used. One more layer of protection by only allowing root access to the hashed passwords.
 
Old 04-04-2003, 09:50 AM   #5
wapcaplet
Guru
 
Registered: Feb 2003
Location: Colorado Springs, CO
Distribution: Gentoo
Posts: 2,018

Rep: Reputation: 48
Quote:
Originally posted by fsbooks
Note that the brute force needed to break passwords is not so significant these days with the current speed of computers. It is one reason shadow passwords are typically (and should be) used.
Quite true. They use DES, I think...? Brute-forcing regular DES is quite feasible these days, especially with a hardware DES cracker. (The EFF built a hardware cracker for $250,000 which cracked one key in 3 days, and the distributed project did it in 22 hours).

Triple-DES is supposedly good enough to be unbreakable, though quantum computing may prove that wrong...

So yes, shadow passwords are an extremely good idea
 
Old 04-07-2003, 04:24 AM   #6
teeno
Member
 
Registered: Jul 2001
Posts: 72

Original Poster
Rep: Reputation: 15
This is all very interesting but I only want too backup my Linux box not hack into it.

Am I missing the point?
 
Old 04-07-2003, 07:06 AM   #7
wapcaplet
Guru
 
Registered: Feb 2003
Location: Colorado Springs, CO
Distribution: Gentoo
Posts: 2,018

Rep: Reputation: 48
Quote:
Originally posted by teeno
This is all very interesting but I only want too backup my Linux box not hack into it.

Am I missing the point?
Heh, sorry, got off the subject there
 
Old 04-07-2003, 08:09 AM   #8
NGraphiX
Member
 
Registered: Feb 2002
Location: Jerusalem, Israel
Distribution: Fedora Core 3
Posts: 154

Rep: Reputation: 30
is there a hash algo using AES (Rijindal)?
that is supposed to be pretty tough to break
 
Old 04-07-2003, 09:17 AM   #9
linuxlastslonge
Member
 
Registered: Jun 2002
Location: Franklin, IN
Distribution: Debian, CentOS, Mac OS X
Posts: 158

Rep: Reputation: 30
i've tried restoring the /etc/passwd on a system that crashed. i had to re-enter all users. when i tried to login, the passwords didn't work. why? i found out that the GUID and UID's didn't match what was in the password file. this was on a rh7.3 system. i also read somewhere that the passwd encryption algorithym is machine specific; meaning that you can't use the passwd file on a different system because of how the passwd's are hashed in a text file.

this has been my own experience and what i have read. if i am incorrect with any information that i have posted, please, someone let me know.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Matching encrypted user passwords linuxprogrammer Linux - Newbie 2 10-11-2004 11:53 PM
Root & user logins : Passwords? Why not encryption keys instead? furfurdemon666 Linux - Security 4 07-02-2004 09:17 AM
Restore User names and passwords teeno Linux - General 2 03-24-2004 02:16 AM
Is there a way to sync Samba passwords with linux user passwords MarleyGPN Linux - Networking 2 09-09-2003 10:59 AM
end user passwords bear51 Linux - Newbie 0 05-22-2002 01:27 PM


All times are GMT -5. The time now is 04:19 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration