Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I don't believe there is such a utility. Or at least, I've never heard of it. Talk about a huge security hole if there is.
Instead of trying to crack your users' passwords, why not create a new, test account that you know the password for, and practice/experiment on it. Then delete the account when you're finished. If you need it to behave like a different user (through personal settings, etc.), then just copy of the home directory of the user you're trying to imitate to the home directory of the experimental user (and change the permissions of course).
I really don't think you can do that. The passwords are encrypted with one way encryption functions. Hackers, if the ever find a way to read the shadow file, they will do a brute force attack to decrypt it.
This is how the the authentication mechanism works:
You apply a new password:<string>
the system will use the encryption function and encrypt the <string>:
f(<string>)=<encrypted string>,
and then the encrypted password will be stored.
When someone logs in, the password he applies in the prompt, is encrypted and then compared with the stored encrypted password (<encrypted string>). If they are the same, the user logs in. If not, the users authentication will fail. The System does never decrypt the stored passwords. If it could do that, the whole encryption thing would be a joke.
The encryption function is constructed this way that there is no way to reverse this process. Only by trying passwords you can do that.
If you 've ever been a simple user in a Unix environment you should know that. If you forget your password, you go to the system administrator, you report him that, and he opens a prompt for you to apply a new password, but not even root knows your password.
Last edited by perfect_circle; 02-17-2005 at 05:01 PM.
There isn't a way to do this as root. It's a standard thing that even administrators, no matter what OS, can't see users passwords. As it has already been pointed out, this would present a major security flaw. You can, however, change a users password to anything and then you will know what it is.
all of the above options are already known to me, but thank you for the replies. i could have sworn there was an echopass script that i had seen before, i must have been mistaken or it could have been for something altogether different than system accounts.
unfortunately there are a lot of variables in this scenario for me to duplicate and i was hoping for a quick fix instead of making another similar account.
thanks for the replies though, i'll put my quest for that script to rest as i'm sure it must have been for something other than - oh, it just came to me.. it was for mail accounts under vpopmail using the '--enable-clear-password' config switch. uhg, where is my brain! ;P
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.