LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-12-2005, 08:16 AM   #1
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,113

Rep: Reputation: 57
MD5 password encrytion


I have installed SUSE 9.0 several time because what is happenening is on the install I setup my root password in MD5 encrytion format (It give me three options, Default, MD5, and Blowfish). If I use default is says that the password that I am using is to short so that is why I use MD5. I have not tried Blowfish.After everything is setup usually will ssh into my box from work and change the password to something more secure. What is happening is when I ssh in to my box and change my password it works for a while and then after several attemps I cannot get back into as root. Is there something that I have to modify so that this doesnt happen. the command that I use when is passwd root: and then I change my password. Could it possible be that by using this command it changes the encrytion that I was using MD5 to something different and that would be the reason my password never work. This is driving me crazy.
 
Old 07-13-2005, 06:04 PM   #2
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 51
Hmm sounds very strange. Note the password hash that's in the /etc/shadow file when its working and see if that's changed when its not working. Also check your /etc/ssh/sshd_config to see if root login is allowed, although usually its either allowed or its not - not allowed for a while then revoked.
 
Old 07-13-2005, 06:16 PM   #3
Krugger
Member
 
Registered: Oct 2004
Posts: 229

Rep: Reputation: 30
I changed from the default that is DES or something like that to Blowfish and never had any complaints from the users and when I look at the file I see Blowfish encrypted password mixed with the default ones. This in a Suse 9.1 box
 
Old 07-19-2005, 04:42 PM   #4
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,113

Original Poster
Rep: Reputation: 57
SO far after reinstall SUSE 9.0 again, I havnt run into a problems but I am a little nervous about changing the password again for what had happened to me earlier. If this does happen again, is there a backdoor that I could use to get in and change my password again?
 
Old 07-19-2005, 05:43 PM   #5
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 51
Quote:
is there a backdoor that I could use to get in and change my password again?
Boot into rescue mode from the Suse install CD/DVD or boot any Linux Livecd, mount your partition(s) and edit the /etc/shadow file.
 
Old 07-19-2005, 08:40 PM   #6
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,113

Original Poster
Rep: Reputation: 57
when you say edit your etc/shadow file, I see that mu old passoword is encrypted so what would I do remove the old stuff and put in a new password?
 
Old 07-20-2005, 04:32 AM   #7
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 51
Yes. Copy the password hash from somewhere else, ie. an account that works perhaps on another box.
 
Old 07-20-2005, 07:52 AM   #8
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,113

Original Poster
Rep: Reputation: 57
just one more question. Can a cracker do the same thing if he wanted to.

ex.

a cracker copies his hash password from his machine on to a floppy and then finds your machine and then boots with a cdrom or a disk and just copy his hash password into your etc/shadow file and then viola there in as root and the hell begins.

Last edited by metallica1973; 07-20-2005 at 07:55 AM.
 
Old 07-20-2005, 09:21 AM   #9
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 51
Yes of course.

Anybody who has physical access to the inside of your computer (no matter what type of computer it is) can bypass operating system security. Even if you set a BIOS password and disabled booting from CDROM or Floppy the cracker could just open your box and either reset the BIOS by removing its battery or simply remove your hard drive and plug it into his own computer. Its the same with Windows too BTW - there are plenty of Windows password recovery livecds or programs available for free a short google away.

The only way to get around this is to encrypt your data, or even your entire hard drive if you really don't have any physical security for your computer (eg. your travel laptop).

But the easiest solution is to not let malicious crackers carying screwdrivers walk into your home or place of business!

Last edited by tkedwards; 07-20-2005 at 09:22 AM.
 
Old 07-20-2005, 10:50 AM   #10
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,113

Original Poster
Rep: Reputation: 57
many thanks TKEDWARDS. you are contributing to a great cause.

and to every else who responded to this post.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
radius encrytion question dvong3 Linux - Security 2 11-24-2005 05:15 PM
Password Encryption After MD5 Deprecation ombill Fedora 1 08-22-2005 05:16 PM
MD5 password changes checksum when entered into database. Pcghost Programming 9 10-21-2003 12:31 PM
Making An Md5 Encrypted Password Manually [BHBS]=TK Linux - Security 2 04-23-2002 04:08 PM
Can I Confirm or Verify an md5 password? MikHud Linux - Security 1 04-03-2002 06:43 PM


All times are GMT -5. The time now is 08:59 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration