Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a question. in /etc/shadow the passwords of different users are stored in encrypted form. Is there a way we can decrypt them?
Regards,
Usman Samad
Why?
They are encrypted so that--e.g.--you cannot look over the administrator's shoulder and get another user's password. If you have admin privileges, you can change anyone's password.
Distribution: Slackware (personalized Window Maker), Mint (customized MATE)
Posts: 1,309
Rep:
Look at John the Ripper the password cracker: http://www.openwall.com/john/. Some day I decided to try it. I used it on my system with three users. After a few hours of continuous work of the program I stopped it. I stated my passwords are strong enough.
You can't actually de-crypt them in the correct sense of the word.
John can actually find passwords that are valid matches for a given hash, which in practical terms might be the same 99% of the time, but it's not quite the same at all, and it can really take like years unless your passwords are of a very low quality.
The whole idea of storing only the hashes is, as said above, that you can't reverse them. You can only check if a given password is valid for a given hash. That's called "brute forcing", and the only shorthand is the use of a dictionary, which only works if your passwords are bad ones. A good password will never resemble anything that appears on a dictionary.
pixellany makes the real point: why? if you are not root, then you are trying to do something bad, and you will not get help here. If you are root, just change the passwords to whatever you want. You don't need the original ones. Otherwise, explain yourself.
Actually i wanted to SSH few files at a server where root access was not allowed so i had to login with the user then sudo bash to access root. So it was getting a little difcult while SSH files as i didnt know root password. Thats why i asked.
Any way thnx to all of u.
If you don't know the root password then it's because you are not supposed to log in as root, it doesn't matter if it's ssh or local login. Really, passwords are there for a reason, if everyone could read them from /etc/passwd there would be no point at all in having them. That's why they was moved to /etc/shadow long ago, and that's why that file is not world-readable, and why passwords are hashed so they can't be de-cyphered.
If you are doing a legitimate administrative task that truly require root privileges then I am sure that you will have no problem contacting the root user and asking him for permission, or for a solution that can work for both of you.
Actually i wanted to SSH few files at a server where root access was not allowed so i had to login with the user then sudo bash to access root. So it was getting a little difcult while SSH files as i didnt know root password. Thats why i asked.
Any way thnx to all of u.
Which leads us to conclude that you were not supposed to be doing what you were trying to do.......
If that's correct, then please do not post a question like this again.
If I have made the wrong conclusion, please explain and there will be a full apology....
I *hope* that the fact that he can "sudo bash" means he's got
rightful access to the root account.
It was not obvious, the way I read it.
To me, the "body language" says he was trying to do something he was not suppossed to.......As I said, if he clarifies this, I will totally apologize, recant, etc.........
Even if he's a full sudoer, the real sysadmin probably wouldn't appreciate him trying to crack root's password. (I know I wouldn't.) For that matter, he may get a stern talking to for doing things like sudo bash.
There are always legitimate ways to do what legitimately must be done. If you're working with remote transfer of files, you might have to move the files to the target machine, log on to that machine, and from there move them to their final location, chown them and so-forth.
These "restrictions" are imposed for a very good reason: to constrain what a not-so-nice person can potentially "do to your system from a distance." For legitimate users they are but a slight inconvenience.
"Cracking passwords" is never the right thing to do, even if you find that you can do it. The configuration of a computer system is a surprisingly delicate thing that is very easy to break; damned difficult to repair.
Last edited by sundialsvcs; 08-17-2009 at 08:18 PM.
Just to add that there's nothing wrong with 'sudo bash'; either you've been given rights in sudoers to do that (in which case its been blessed by the sysadmin) or you haven't, in which case it'll fail.
Definitely agree with NOT trying to crack anyone's passwd, especially root.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.