LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 06-17-2009, 12:35 AM   #1
vielmaj
LQ Newbie
 
Registered: Jun 2009
Posts: 24
Blog Entries: 1

Rep: Reputation: 0
password encryption in /etc/shadow


I am moving my Linux server from Suse 10 to Ubuntu 9.04 and I moved the significant parts of /etc/shadow, /etc/passwd, and /etc/group over to Ubuntu 9.04. I am not able to login into the computer with the old accounts. The only problem I see is that the old accounts use Blowfish and DES to encrypt the passwords in /etc/shadow, and Ubuntu uses SHA512. If I change the passwords, the accounts will work. However; I have about 300 accounts to move, and I don't want to do that to all of them. I have tired Ubuntu Forums and talked to every linux expert I know, and no one has an answer. Could some point me in the right direction on how to fix this.

Thanks,

Jason
 
Old 06-17-2009, 01:27 AM   #2
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
I understand the quest for knowledge, but consider the time you're wasting trying to solve a unique problem that may never be raised again. It may be wiser to invest the time learning how to script the resetting of numerous account passwords automatically.

Just some food for thought.
 
Old 06-17-2009, 10:59 AM   #3
vielmaj
LQ Newbie
 
Registered: Jun 2009
Posts: 24
Blog Entries: 1

Original Poster
Rep: Reputation: 0
I appreciate that you replied. I have put this on many forums and no one has given the same consideracy you have. You are probably correct and this is the same answer every linux expert I know has given me.

Quote:
Originally Posted by Admiral Beotch View Post
I understand the quest for knowledge, but consider the time you're wasting trying to solve a unique problem that may never be raised again. It may be ewiser to invest the time learning how to script the resetting of numerous account passwords automatically.

Just some food for thought.
 
Old 06-17-2009, 01:18 PM   #4
Disillusionist
Senior Member
 
Registered: Aug 2004
Location: England
Distribution: Ubuntu
Posts: 1,013

Rep: Reputation: 83
A perl script to help automate resetting the passwords:
Code:
#!/usr/bin/perl
use strict;
my $SALT='$1$senThESlt45r$';

open(USERLIST, "userlist") or die "Failed to open userlist!\n";

while(<USERLIST>) {
   my($user, $pass)=split(/ /, $_);
   my $enc_pass=crypt($pass, $SALT);

   print("/etc/sbin/usermod -p $enc_pass $user\n");
   # system("/etc/sbin/usermod -p $enc_pass $user");
}

close(USERLIST);
The script expects a file userlist to contain two columns, seperated by a space:
  1. The user to be reset.
  2. The unencrypted password.

Once you are happy that the script is getting the correct details, remove the # that is commenting out the system call.

Last edited by Disillusionist; 06-17-2009 at 01:19 PM.
 
Old 06-17-2009, 05:19 PM   #5
nuwen52
Member
 
Registered: Feb 2009
Distribution: CentOS 5, Gentoo, FreeBSD, Fedora, Mint, Slackware64
Posts: 205

Rep: Reputation: 46
I don't really recommend doing this, but couldn't you change the encryption method used on the Ubuntu machine to using DES? In the /etc/login.defs file maybe? Or would this not do what you want it to do? I've never tried this, so I am hesitant to do it on any of my current machines, because I already have them set up and don't want to kill the system. But, if it's a newly installed system that's not that much to reinstall, it might be an interesting experiment.

P.S. I have no idea if this would actually work or if there are other things you would have to change to make it work.

Last edited by nuwen52; 06-17-2009 at 05:25 PM.
 
Old 06-17-2009, 06:56 PM   #6
JulianTosh
Member
 
Registered: Sep 2007
Location: Las Vegas, NV
Distribution: Fedora / CentOS
Posts: 674
Blog Entries: 3

Rep: Reputation: 90
That is, indeed, the $25000 question... 8D But, one could take that long academic journey to figure it out, or move on to more productive and useful things by simply changing the passwords.
 
Old 06-17-2009, 07:18 PM   #7
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
The characters in shadow file between the two "$" signs indicate the encryption used. Apparently Ubuntu hasn't support for Bluefish; otherwise it would be possible to use the same passwd/shadow file entries. Another difference to consider is the range of UIDs used for regular users. SuSE starts at 1000. Are the UIDs brought over from SuSE in the range of regular user UIDs that Ubuntu uses? Look in /etc/login.defs. My guess is that they are, and you would more likely run into a problem had you gone from Ubuntu to SuSE.
 
Old 06-18-2009, 07:50 AM   #8
nuwen52
Member
 
Registered: Feb 2009
Distribution: CentOS 5, Gentoo, FreeBSD, Fedora, Mint, Slackware64
Posts: 205

Rep: Reputation: 46
Quote:
Originally Posted by Admiral Beotch View Post
That is, indeed, the $25000 question... 8D But, one could take that long academic journey to figure it out, or move on to more productive and useful things by simply changing the passwords.
Agreed. It's more of a curiosity. It doesn't look like it would work this time anyway. Well, good luck with changing over the passwords and getting the rest of the server moved over.

Last edited by nuwen52; 06-18-2009 at 07:52 AM.
 
  


Reply

Tags
account, encrypt, migrate, passwords


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Shadow Password linuxjamil Linux - Server 1 08-04-2007 06:13 AM
Linux password encryption and data encryption Tux-Slack Programming 4 06-20-2007 07:46 AM
shadow password - password field ayhopkins Linux - Security 8 11-17-2005 06:25 AM
Shadow password encryption mnisski Linux - General 3 05-28-2004 07:24 PM
shadow password wincrk Linux - Security 3 03-16-2003 10:07 PM


All times are GMT -5. The time now is 08:36 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration