hi i want to write code to implement password shadowing.
are there any commands or system calls to achieve this?

Password shadowing is already implemented in practically every distribution. You just have to install and activate it. There's no need to write your own code.

hi sir.so are u referring to the file /etc/shadow or anything else.how do i get it running on my system?

Yes, I'm referring to that file.

A bit of general advice: Before you ask or help here, you should first try to find the answers yourself:
1.) Find and read through the relevent manpage. Most programs come with good manpages that explain everything you might want to know.
2.) Ask google. Ypou are probably not the first one with this question. Most likely, someone on the net has already solved the problem and written about it.
3.) This forum also has a search function.
4.) When the above does not help, you are free to ask in the forum. But if we should help you, you should explain _exactly_ what you what to do, and the system you are working with (Distribution, versions, etc.).

People here are happy to answer interesting and difficult questions, but explaining the same simple tasks over and over again is quite annoying, especially when a simple web search would turn up the answers.

Regarding your questions: a quick google search turned up this link, which should enable you to acivate password shadowing:
http://www.linuxsecurity.com/resourc...to/ch3.en.html

Regards,

Lothar

thank u sir.but i actually want to implement password shadowing as an application on a stand alone device.so i thought if u cud give me some code structure(system calls,any built in functions,structures etc),as i am a beginner.

For a quick introduction to shadowing, you shouold read the Wikipedia article: http://en.wikipedia.org/wiki/Shadow_password

You could download the sources for login and passwd. They should also give you a clue as to how shadowing works.

If you want more exact help, you should explain _in_detail_ what kind of "application" on which "stand-alone device" you have in mind.

i want to implement linux security policies on my system like telnet,ftp,password complexity,password shadowing,password expiration etc.u already gave me inf about telnet,ftp....

@pasupuleti: Lotharster has been more than patient with you. If english isn't your native tongue then please try to read the questions better or ask what is meant or ask someone to help you. I say this because the way you answer questions (bad phrasing, incomplete answers and a general disregard for what's already said) is NOT going to help you, no matter what forum it is in. So you either 'fess up this information:
- what is the brand name of the device
- what is the full version of the device
- what firmware version or GNU/Linux (embedded) distribution is installed
...or stop this thread.

Think carefully. You have one chance left because this thread will not be allowed to drag on like this for much more. If your answers are incomplete again I will force an end to this thread no matter how sorry I am for that.

you can shadowing password by using command "pwconv"

Ok.this is how i describe.

DELL Optiplex GX1

Fedora Core release 3 (Heidelberg)

Kernel 2.6.9-1.667 on an i686.

*Slightly disappointed* so, this is nothing special, just a regular PC???!!!"£!""$$%
OK. Then you should probably start reading first. Security isn't only about passwords. Start with these:
Security Quick-Start HOWTO for Linux,: http://tldp.org/HOWTO/Security-Quickstart-Redhat-HOWTO/
Securing & Optimizing Linux: The Ultimate Solution (PDF): http://www.tldp.org/LDP/solrhe/Secur...ution-v2.0.pdf
Securing and Hardening Red Hat Linux Production Systems: http://www.puschitz.com/SecuringLinux.shtml

ask if anything is unclear (after reading please), then crosscheck / follow up with:
CERT, Security improvements: http://www.cert.org/security-improvement/
CERT, Tech Tips: http://www.cert.org/tech_tips/
Linux Administrator's Security Guide (LASG): http://www.seifried.org/lasg/
Linux Security HOWTO: http://tldp.org/HOWTO/Security-HOWTO/index.html

...which you could have found yourself if you read the LQ FAQ: Security references.