LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-05-2007, 04:31 AM   #1
scbops
Member
 
Registered: Feb 2006
Posts: 97

Rep: Reputation: 15
how to find lost password


Is there a way of decrypting /etc/shadow file, incase of finding out the lost passwords
 
Old 09-05-2007, 04:37 AM   #2
mariogarcia
Member
 
Registered: Sep 2005
Distribution: debian, solaris 10
Posts: 202

Rep: Reputation: 31
why not just create a new password, if you have access to the system somehow.
this is done by
Code:
passwd username
 
Old 09-05-2007, 04:54 AM   #3
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,847

Rep: Reputation: 128Reputation: 128
I was interested in seeing how secure my passwords were, so I starting trying to decrypt my /etc/shadow file. This is running on a Intel Core2Duo 2.7GHz, and after 23 hours, it hasn't managed one yet. I've since hardened my passwords, but at the time, one was 8 characters, only letters (upper and lower case), yet it still didn't find it. So in short, no, you can't decrypt /etc/shadow.

This question is of questionable intent as it's possible to use this information for malicious purposes. As mariogarcia said, if you have root access to the box, just change them. I've reported this to a moderator for them to make the call.
 
Old 09-05-2007, 05:16 AM   #4
scbops
Member
 
Registered: Feb 2006
Posts: 97

Original Poster
Rep: Reputation: 15
This ID is hard coded at the programming level therefore you canít change it
 
Old 09-05-2007, 05:20 AM   #5
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
You can select which encryption method you would like for /etc/shadow
Most systems nowadays use md5sum encryption which is a 1 way sum of the password.
It's a pretty bullet proof method which is why it's mainstream.

If there was an easy way to decrypt /etc/shadow, the method would be changed quickly.
For the more secure/paranoid /etc/shadow exists but pam doesn't read it at all. A different file is chosen or db even..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Lost Password Hexadecimal Red Hat 3 05-18-2005 04:40 PM
I lost my password [BFK]BLASSON Linux - Security 3 05-05-2004 07:15 PM
Lost password mijohnst Linux - Security 2 04-06-2004 04:02 PM
lost password waxiem Linux - Software 5 07-04-2003 10:00 AM
Lost my password dlandsurveys Slackware 6 01-28-2003 08:46 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:41 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration