R> Date: Sun, 26 May 2002 11:56:04 +0800
R> From: Rick
R> My password is 11 chars long.
R> But, as long as i type in 8chars, it accepts me in to shell.
R> I would like to know how do i fix this problem of mine.
Sounds like you're running Unix crypt passwd encoding instead of
MD5. What model RAQ?
/etc/passwd will contain lines that look like one of the
following:
user:x:....
user:garbage:....
if the latter (i.e., several chars in second field), you have a
problem and need to run shadow passwords.
If the former, look in /etc/shadow for one of the following:
user:garbage:....
user:$1$garbage$moregarbage:....
When the second field lacks $ chars, you're using passwords
encoded via Unix crypt(). DO NOT post those on-list, or someone
probably will run crack on them and have a heyday.
If you could, please confirm the formats used in both /etc/passwd
and /etc/shadow WITHOUT giving actual entries from the second
field. (In fact, if you're not running shadow passwords, you
might not admit that on-list.)
--
Eddy
Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <[EMAIL PROTECTED]>, or you are likely to
be blocked.
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
