[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] [Mips] Are these Passwords Shadowed?

Subject: Re: [cobalt-users] [Mips] Are these Passwords Shadowed?
From: "H.P. Stroebel" <hpstr@xxxxxxxxxxxxx>
Date: Sun Dec 3 06:19:01 2000
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

James Hoaggs schrieb:

> 1) Are these passwords shadowed?
> root:9E8yTJJJJJfdW:0:0:Root:/root:/bin/sh <changed some for protection>
> admin:9E8yTJJJJJfdW:110:100:Administrator:/home/users/admin:/bin/bash

no.

> 2) If not, how does one go to shadow them.  I can not find a /etc/shadow
> file, and the /etc/passwd has these permissions:
> -rw-r--r--   1 root     root         1311 Dec  1 04:04 passwd

that`s okay, /etc/passwd must be world readable.

for this reason, passwords are normally shadowed, as /etc/shadow does
not have to be world readable.
that makes it harder to gain the (encrypted) passwords from /etc/passwd
and to run a brute force dictionary attack against them.

-- 

H. P.  Stroebel, Germany

CGI-FAQ for Raq-Newbies :
http://users.iol.it/hpstr/

Apollo 13 - Commander : "Houston, we have a problem"
Win2000 - Administrator : "Redmond, we have 64000 problems"

References:
- [cobalt-users] [Mips] Are these Passwords Shadowed?
  - From: James Hoaggs

Prev by Date: [cobalt-users] [Mips] Are these Passwords Shadowed?
Next by Date: Re: [cobalt-users] RaQ3 - REAL - CPU overload
Previous by thread: [cobalt-users] [Mips] Are these Passwords Shadowed?
Next by thread: Re: [cobalt-users] [Mips] Are these Passwords Shadowed?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index