LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-03-2007, 02:22 PM   #1
chakribobby
Member
 
Registered: Jan 2007
Posts: 49

Rep: Reputation: 15
How to know password of the user


hi
I have root privilege to the Linux system
My problem is “how can I find the password of the particular user with out changing the password of that user”

thanks in advance
 
Old 11-03-2007, 02:28 PM   #2
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,038

Rep: Reputation: 97
Why change or crack the password?

If you have root access you can su to any user without a password:
Code:
su - my_user
 
Old 11-03-2007, 02:37 PM   #3
konqi
Member
 
Registered: Oct 2007
Distribution: Gentoo, Slackware
Posts: 162

Rep: Reputation: 16
Its very simple:

1. ALT + F2 > typ kuser
2. If you're root you will het kuser, if you aren't root, typ the root-password.
3. The select the user you want
4. Click edit (at the top)
5. Then you can change the password
 
Old 11-03-2007, 02:44 PM   #4
matthewg42
Senior Member
 
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530

Rep: Reputation: 63
chakribobby, unix-style authentication using the passwd (and shadow) file works by putting the user's password through a cryptographic hashing function, and storing this hashed result. When the user tries to authenticate, the plaintext password they enter is put through the same hashing function, and if the result matches the stored value, the user is authenticated.

The hashing function is "one way", meaning that it is not possible (or infeasibly difficult) go from the hashes password back to the plain text password.

As a system administrator you should not have to reverse a password. If you want to reset a users password, this is possible, and you have to tell the user that you have reset their password (or at least they will know it because their old password will stop working). As root, you can assume the identiy of the user without having to know their password using the su program as Disillusionist mentioned.

The only legitimate reason for trying to determine a user's password is to discover weak passwords (those which can easily be guessed), which might constitute a security threat to the system you are administrating. I believe it is unethical to do this without telling users what you are doing because users often use the same password on many systems, and might not want you to know it. Of course this is bad security practise on their part, but that's no excuse to act in a shady manner.
 
Old 11-03-2007, 02:48 PM   #5
bsdunix
Senior Member
 
Registered: May 2006
Distribution: Caldera, CTOS, Debian, FreeBSD, Mac OS X, Mandrake, Minix, OpenBSD, Slackware, SuSE
Posts: 1,757

Rep: Reputation: 80
Quote:
5. Then you can change the password
You didn't read what the OP asked.
Quote:
My problem is “how can I find the password of the particular user with out changing the password of that user”
 
Old 11-03-2007, 03:21 PM   #6
Daws
Member
 
Registered: May 2006
Location: UK
Distribution: Debian
Posts: 448

Rep: Reputation: 37
Regardless of the OP's original question, the following still stands.

Quote:
The hashing function is "one way", meaning that it is not possible (or infeasibly difficult) go from the hashes password back to the plain text password.
Unless you find some kind of keylogger, you will have to crack the password.

John The Ripper is a good tool for discovering weak passwords.

You need root privileges to use John properly, as you need access to /etc/shadow file to recreate the actual password hash.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How could normal user obtain root password or change root password ckamheng Debian 18 02-18-2009 11:28 PM
user password bandrei Linux - Security 2 02-16-2007 11:41 AM
Help! Cannot Add a User to User Manager or Change Root Password lennysokol Linux - General 2 06-25-2005 10:59 AM
Samba -- XP user can log in to shares but smbclient user always gets password errors ejoe Linux - Software 3 04-18-2005 11:55 AM
what is the command to make a user change their password after creating a new user? naweenio Linux - Newbie 7 01-05-2005 08:07 AM


All times are GMT -5. The time now is 06:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration