Shadow file question
I'm a bit puzzled here.
I am trying to move accounts from Mandrake 10.1 to RH ES. As a part of the setup process of RH, i created an account for myself with the same password as on the M. Now, when i look at the shadow files of both machines, the hashes for my accounts are different. At the same time when i recreated some of other users on the RH and pasted the hashes from M's shadow file, i'm able to login without a problem (at least via FTP). So why is it that in one scenraio, when the password is the same, the hashes are different? Thanks, Tim |
The salts are different. A password field looks something like this:
Code:
$1$xxxxxxxx$yyyyyyyyyyyy |
As an addendum, you don't want a user to know if s/he has the same password as another user. By using different salts, you can allow multiple users to have the same password without having identical shadow entries.
Berhanie basically covered the technical aspects. |
To check if an entered password matches, just apply the identical mathematical algorithm
to it : if it matches, then the password is correct. This is how the login command works. Sometimes you will see a * in place of a hashed password. This means the account has been disabled. source : Rute User's Tutorial and Exposition by Paul Sheer. |
:-)
Berhanie, GNUbie and samael26,
Thank you very much for the quick response. This wasn't a critical issue, - i just don't like to leave something as "i don't get it, but since it is working - i don't bother figuring it out" Thanks again! |
All times are GMT -5. The time now is 01:36 AM. |