User Names & passwords Backup

teeno · 04-04-2003, 04:03 AM

Hi,

I am running Redhat Linux 7.0 with over 30 users set-up. I current backup all personal files and system files that I need to be able to restore the server if it fails. But I am unsure if I will be able to restore all user names and passwords without re-entering them all.

Please can some one tell me how I can make sure that I will be able to restore all user information if I need to?

Thanks,

Pete

wapcaplet · 04-04-2003, 08:11 AM

As far as I know, all information needed to specify the users available on the system is saved in /etc/passwd, along with /etc/shadow if you have shadow passwords enabled. Group information is saved in /etc/groups.

All these files are plain ASCII text, so I presume you could just make backups of these, and restore them later if something bad happens (actually, backing up the entire /etc/ directory wouldn't be a bad idea, since it contains config stuff for everything else too).

Though, I have not experimented much with backups... perhaps there is a better system for doing this.

By the way, nobody's password is actually saved anywhere. /etc/passwd (or /etc/shadow, if shadow is on) simply contains a string of garbage known as a hash. When you enter your password, it gets hashed into garbage in a particular way. If the garbage matches the garbage in /etc/passwd, you get to log in. The hash function is one-way, meaning you can't figure out what someone's password is from the hash (without a ridiculous amount of brute-force guessing). Just a tidbit of info if you are interested

teeno · 04-04-2003, 08:27 AM

Thanks.

I already backup the /etc directory so I should be OK. I will have to try restoring onto another system and see if it works.

Cheers,
Peter

fsbooks · 04-04-2003, 09:32 AM

Nice to hear someone actually doing critical backups ;-) Note that the brute force needed to break passwords is not so significant these days with the current speed of computers. It is one reason shadow passwords are typically (and should be) used. One more layer of protection by only allowing root access to the hashed passwords.

wapcaplet · 04-04-2003, 09:50 AM

Quote:

Originally posted by fsbooks
Note that the brute force needed to break passwords is not so significant these days with the current speed of computers. It is one reason shadow passwords are typically (and should be) used.

Quite true. They use DES, I think...? Brute-forcing regular DES is quite feasible these days, especially with a hardware DES cracker. (The EFF built a hardware cracker for $250,000 which cracked one key in 3 days, and the distributed project did it in 22 hours).

Triple-DES is supposedly good enough to be unbreakable, though quantum computing may prove that wrong...

So yes, shadow passwords are an extremely good idea

teeno · 04-07-2003, 04:24 AM

This is all very interesting but I only want too backup my Linux box not hack into it.

Am I missing the point?

wapcaplet · 04-07-2003, 07:06 AM

Quote:

Originally posted by teeno
This is all very interesting but I only want too backup my Linux box not hack into it.

Am I missing the point?

Heh, sorry, got off the subject there

NGraphiX · 04-07-2003, 08:09 AM

is there a hash algo using AES (Rijindal)?
that is supposed to be pretty tough to break

linuxlastslonge · 04-07-2003, 09:17 AM

i've tried restoring the /etc/passwd on a system that crashed. i had to re-enter all users. when i tried to login, the passwords didn't work. why? i found out that the GUID and UID's didn't match what was in the password file. this was on a rh7.3 system. i also read somewhere that the passwd encryption algorithym is machine specific; meaning that you can't use the passwd file on a different system because of how the passwd's are hashed in a text file.

this has been my own experience and what i have read. if i am incorrect with any information that i have posted, please, someone let me know.