how to find lost password

scbops · 09-05-2007, 04:31 AM

Is there a way of decrypting /etc/shadow file, incase of finding out the lost passwords

mariogarcia · 09-05-2007, 04:37 AM

why not just create a new password, if you have access to the system somehow.
this is done by

Code:

passwd username

pwc101 · 09-05-2007, 04:54 AM

I was interested in seeing how secure my passwords were, so I starting trying to decrypt my /etc/shadow file. This is running on a Intel Core2Duo 2.7GHz, and after 23 hours, it hasn't managed one yet. I've since hardened my passwords, but at the time, one was 8 characters, only letters (upper and lower case), yet it still didn't find it. So in short, no, you can't decrypt /etc/shadow.

This question is of questionable intent as it's possible to use this information for malicious purposes. As mariogarcia said, if you have root access to the box, just change them. I've reported this to a moderator for them to make the call.

scbops · 09-05-2007, 05:16 AM

This ID is hard coded at the programming level therefore you can’t change it

peter_robb · 09-05-2007, 05:20 AM

You can select which encryption method you would like for /etc/shadow
Most systems nowadays use md5sum encryption which is a 1 way sum of the password.
It's a pretty bullet proof method which is why it's mainstream.

If there was an easy way to decrypt /etc/shadow, the method would be changed quickly.
For the more secure/paranoid /etc/shadow exists but pam doesn't read it at all. A different file is chosen or db even..