Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I use RedHat 9.0. What happens if I deselect the "use(enable) MD5 encryption" option during the installation of RedHat Linux?
Is there any way that I can decrypt an MD5 password? I ask because I want to write a simple Java application that lets a user log in to the RedHat system. Is that possible? Can anybody help me in this regard?
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
MD5 is just a replacement for DES as the password hashing mechanism. No, you cannot decrypt MD5 hashed values, that's the whole point! If you could, it would make password hashing worthless.
What you can do is take user input and MD5 it, then compare that to the hash in /etc/shadow. You do need to be root to read /etc/shadow, though. I sure wouldn't recommend running any Java apps as root.
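The check described in the reply above, as an added example that is not part of the original thread: MD5 shadow entries on Linux have the form `$1$salt$hash` (md5-crypt, a salted MD5 construction iterated 1000 times), so the verifier reads the salt from the stored entry, recomputes the hash for the candidate password, and compares in constant time. The function names and the sample entry are constructed for illustration.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
# Constructed sample entry (password "password", salt "xxxxxxxx"); not from the thread.
SAMPLE = "alice:$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.:12345:0:99999:7:::"

def md5_crypt(password: bytes, salt: bytes) -> str:
    """md5-crypt ("$1$"): salted MD5 iterated 1000 times, not a bare MD5 digest."""
    salt = salt[:8]                                   # at most 8 salt characters are used
    alt = hashlib.md5(password + salt + password).digest()
    ctx = hashlib.md5(password + b"$1$" + salt)
    for off in range(0, len(password), 16):           # mix in len(password) bytes of alt
        ctx.update(alt[:len(password) - off])
    n = len(password)
    while n:                                          # one byte per bit of the length
        ctx.update(b"\x00" if n & 1 else password[:1])
        n >>= 1
    final = ctx.digest()
    for i in range(1000):                             # the stretching rounds
        rnd = hashlib.md5(password if i & 1 else final)
        if i % 3:
            rnd.update(salt)
        if i % 7:
            rnd.update(password)
        rnd.update(final if i & 1 else password)
        final = rnd.digest()
    groups = [(final[a] << 16 | final[b] << 8 | final[c], 4)
              for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5))]
    groups.append((final[11], 2))
    out = ""
    for value, count in groups:                       # crypt's own base64 alphabet
        for _ in range(count):
            out += ITOA64[value & 0x3F]
            value >>= 6
    return "$1$" + salt.decode() + "$" + out

def check_shadow_password(shadow_line: str, candidate: str) -> bool:
    """Recompute the hash with the salt stored in the entry and compare."""
    fields = shadow_line.strip().split(":")
    if len(fields) < 2:
        return False
    parts = fields[1].split("$")                      # "$1$salt$hash" -> ["", "1", salt, hash]
    if len(parts) != 4 or parts[0] != "" or parts[1] != "1":
        return False                                  # locked ("!", "*"), empty, or another scheme
    recomputed = md5_crypt(candidate.encode(), parts[2].encode())
    return hmac.compare_digest(recomputed.encode(), fields[1].encode())
```

On a live system the same check is available through PAM, which avoids giving the application read access to /etc/shadow.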
The MD stands for Message Digest. It is a way of authenticating that the RPM files haven't been altered. It would be very difficult for someone to alter a file and have it produce an identical MD5 signature.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Quote:
It is a way of authenticating that the RPM files haven't been altered.
It's used for a lot more than RPM validation. I'm very certain the message he was asking about relates to the shadow password hashing anyway, not to RPM validation. In any case, MD5 is just a cryptographical checksum hashing algorithm.
I thought that the option he was talking about was whether md5 sums were verified during the install process (such as a network install), rather than whether they were used by a PAM module. It seemed to me like a two part question.
I suppose that the best general advice on his password question is to use the best standard method of authentication, and don't monkey with it unless you are a security expert, who knows that you are not introducing problems. Someone a lot more knowledgeable than myself.