shadow password hashes
Hey guys
Two questions, 1 - Is the following correct: The /etc/shadow file contains an id of $1$, $2$, $5$ or $6$ to show the encryption method used. A salt follows this, followed by the password hash. When a user is created and a password is set, a hash is RANDOMLY generated and used as the salt to the password hash. Everytime that user logs in, login checks /etc/shadow for the $id$ and salt and runs the password given by the user through the hash mechanism ($id$) using the salt in /etc/shadow. So basically does login look at /etc/shadow for the $id$ and salt to create a hash with which to compare to the /etc/shadow hash? question 2 - If my $id$ was $5$, which is sha256, how would i go about changing this? Like is there a shadow.conf or crypt.conf or something? Can i change it per user? Thank you |
Quote:
Some distros have a command which will change all the appropriate files for you, but in a nutshell you will need to change PAM and the system itself. Take a look at (again may be different in other distros): /etc/pam.d/password /etc/default/password /etc/login.defs After you change the type of hash, you will have to regenerate the password hashes for your users. |
Quote:
Quote:
|
All times are GMT -5. The time now is 12:21 AM. |