On Wed, 03 May 2000, V.Vasant wrote about, PASSWORD STORED?:
> Hello,
> I am puzzled by the following question.Whenever we change our
> password and in case our new password resembles even slightly older
> passwords, linux refuses to accept the new password and prints a message
> saying that it resembles the earlier one. But if I am correct , linux
> stores the passwords in an encrypted form.So how could it find out ,if
> there is any resemblence??.
You know the old pawwd, so you then know if it resembles the one you intend
to use.
> Since the crypt algorithm is a one way algorithm ,how can it find
> out similarities since the final encrypted text would surely be
> different, however similar be two pass phrases...
> Can someone please tell me how this thing is done??
I belive it is the intention of the linux operating system to be a "secure
as possable system", what you are really asking is, give me a poorly secured
system. If everyone knew HOWTO decrypt /etc/passwd just imagen.!!!!!!!!!!!
I do not belive you can do what you ask, it certanly would comprimise Linux
security.
That is one reason why the passwd program will NOT (on the first
attempt) accept weak or dictionary related words, will not allow a 'user' to
change the passwd when there are simalaritys. between the old and new
passwd.
If you require a passwd 'simalar' to what you already have, then the system
admisistrator is capable of changing it for you under 'root' priv's.
root cannot do what you ask about encryption either. (AFAIK)
He can change, delete or add new passwd's for the systems users.
>
> -V.Vasant
> -Indian Institute Of Information Technology
> -Hyderabad
> -India
--
Regards Richard
[EMAIL PROTECTED]
http://people.zeelandnet.nl/pa3gcu/
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.linux-learn.org/faqs
