>> On Mon, 7 Nov 2011 23:40:24 -0700, >> Bob Proulx <b...@proulx.com> said:
B> I would create a script that edited the /etc/shadow file directly and B> manipulated the encrypted passwords. Then the clear text would never B> need to exist in any form. Only the encrypted form of the password is B> needed. Use a script to swap between two different encrypted forms. If you don't add or delete a lot of accounts or modify /etc/passwd frequently, could you change your password to the high-security one, copy /etc/shadow to /etc/shadow.hi, then change it back and copy /etc/shadow to /etc/shadow.lo? Then your password-changer could be: alias hisec='sudo cp -p /etc/shadow.hi /etc/shadow' alias losec='sudo cp -p /etc/shadow.lo /etc/shadow' -- Karl Vogel I don't speak for the USAF or my company It's impossible to sneeze with your eyes open. --item for a lull in conversation -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20111109014634.bd5eab...@kev.msw.wpafb.af.mil