Re: [testing] shadow drive et debian
Le samedi 15 avril 2023 à 19:01 +0200, Haricophile a écrit : > Le Wed, 12 Apr 2023 23:10:01 +0200, > Gaëtan Perrier a écrit : > > > Bonjour, > > > > Je viens d'essayer d'installer le paquet deb shadow 8.0.10059 sur ma > > debian testing. > > Y a eu une erreur à la fin de l'installation du paquet mais ça s'est > > installé quand même. Ensuite quand je lance l'appli shadow PC ça > > m'ouvre une fenêtre me proposant de me logger via un navigateur. Ce > > que je fais et là j'ai une erreur me disant "Connection failed" et me > > disant que je n'ai pas de plan souscrit. Pourtant j'ai bien un shadow > > drive. Est-ce quelqu'un rencontre le même soucis ou a réussi à se > > connecter ? > > > > Gaëtan > > Plusieurs choses: > > - Ne pas confondre Shadow (l'ordinateur «cloud») et Shadow Drive (le > stockage cloud) ! Le paquet Debian n'est pas pour Shadow Drive, mais > pour l'ordinateur virtuel. > Donc avec la version appimage de Shadow DRIVE ça fonctionne très bien > chez moi. Aahh !! C'est super pas clair sur la page de téléchargement ! Maintenant ça fonctionne nickel ! :) Merci beaucoup ! A+ Gaëtan signature.asc Description: This is a digitally signed message part
Re: [testing] shadow drive et debian
Le Wed, 12 Apr 2023 23:10:01 +0200, Gaëtan Perrier a écrit : > Bonjour, > > Je viens d'essayer d'installer le paquet deb shadow 8.0.10059 sur ma > debian testing. > Y a eu une erreur à la fin de l'installation du paquet mais ça s'est > installé quand même. Ensuite quand je lance l'appli shadow PC ça > m'ouvre une fenêtre me proposant de me logger via un navigateur. Ce > que je fais et là j'ai une erreur me disant "Connection failed" et me > disant que je n'ai pas de plan souscrit. Pourtant j'ai bien un shadow > drive. Est-ce quelqu'un rencontre le même soucis ou a réussi à se > connecter ? > > Gaëtan Plusieurs choses: - Ne pas confondre Shadow (l'ordinateur «cloud») et Shadow Drive (le stockage cloud) ! Le paquet Debian n'est pas pour Shadow Drive, mais pour l'ordinateur virtuel. Donc avec la version appimage de Shadow DRIVE ça fonctionne très bien chez moi. - Si tu as des problème de connexion avec Firefox, essaye avec un profil vierge ou essaye avec Chromium. Je n'ai pas analysé finement, mais les container de Firefox ou des extensions peuvent éventuellement bloquer la procédure d'identification. - Pour conserver le mot de passe sans ouvrir systématiquement le navigateur, ça fonctionne avec kwallet lancé, mais pas avec le truc de gnome, ou en tout cas pas out-of-box. En dehors de ça j'utilise Shadow Drive de manière très satisfaisante, ça marche autrement mieux que ce foutu Hubic !
Re: [testing] shadow drive et debian
Je ne vais pas pouvoir être précis, ju n'utilise pas shadow et je n'ai pas de souscription non plus Il y a ici une liste de messages d'erreurs: https://support.shadow.tech/hc/fr/articles/4763938067356-Codes-et-messages-d-erreur Et particulièrement les L102/L104 qui pourraient s'appliquer: https://support.shadow.tech/hc/fr/articles/360023594573-L-102-L-104-Le-launcher-n-a-pas-r%C3%A9ussi-%C3%A0-se-connecter-%C3%A0-Shadow (info pas forcément utile pour toi) Au cas où tu voudrais passer par d'autres clients que le clientb Shadow pour accéder à ton compte, on peut y accéder par WebDav https://support.shadow.tech/hc/fr/articles/6822936446364-Comment-connecter-un-logiciel-tiers-%C3%A0-Shadow-Drive-en-utilisant-le-protocole-WebDAV - sino ils ont un support, je pense que tu peux y faire appel, surout si tu paies un abonnement ;-) https://support.shadow.tech/hc/fr/categories/360001379574-Contacter-le-support
Re: [testing] shadow drive et debian
Le jeudi 13 avril 2023 à 12:17 +0200, didier gaumet a écrit : > Le mercredi 12 avril 2023 à 23:10 +0200, Gaëtan Perrier a écrit : > > Bonjour, > > > > Je viens d'essayer d'installer le paquet deb shadow 8.0.10059 sur ma > > debian > > testing. > > Y a eu une erreur à la fin de l'installation du paquet mais ça s'est > > installé > > quand même. Ensuite quand je lance l'appli shadow PC ça m'ouvre une > > fenêtre me > > proposant de me logger via un navigateur. Ce que je fais et là j'ai > > une erreur > > me disant "Connection failed" et me disant que je n'ai pas de plan > > souscrit. > > Pourtant j'ai bien un shadow drive. > > Est-ce quelqu'un rencontre le même soucis ou a réussi à se connecter > > ? > > > > Gaëtan > > Bonjour, > > tu as installé le paquet par dpkg ou apt (apt me semble préférable > parce qu'il installe les dépendances)? quel était le message d'erreur? > à la milite, purge et réinstalle pour avoir le message d'erreur parce > que par définition, si il y a un message d'erreur, ça peut être un > problème... > (mais bon j'en sais rien, je ne connais pas Shadow (la société derrière > et l'outil), j'ai juste lu que l'outil est basé sur Nextcloud) > J'ai purgé et réinstallé mais plus d'erreur mais ça ne fonctionne pas mieux pour autant ... Sinon shadow c'est le remplaçant de Hubic et c'est OVH derrière. A+ Gaëtan signature.asc Description: This is a digitally signed message part
Re: [testing] shadow drive et debian
Le mercredi 12 avril 2023 à 23:10 +0200, Gaëtan Perrier a écrit : > Bonjour, > > Je viens d'essayer d'installer le paquet deb shadow 8.0.10059 sur ma > debian > testing. > Y a eu une erreur à la fin de l'installation du paquet mais ça s'est > installé > quand même. Ensuite quand je lance l'appli shadow PC ça m'ouvre une > fenêtre me > proposant de me logger via un navigateur. Ce que je fais et là j'ai > une erreur > me disant "Connection failed" et me disant que je n'ai pas de plan > souscrit. > Pourtant j'ai bien un shadow drive. > Est-ce quelqu'un rencontre le même soucis ou a réussi à se connecter > ? > > Gaëtan Bonjour, tu as installé le paquet par dpkg ou apt (apt me semble préférable parce qu'il installe les dépendances)? quel était le message d'erreur? à la milite, purge et réinstalle pour avoir le message d'erreur parce que par définition, si il y a un message d'erreur, ça peut être un problème... (mais bon j'en sais rien, je ne connais pas Shadow (la société derrière et l'outil), j'ai juste lu que l'outil est basé sur Nextcloud)
Re: [testing] shadow drive et debian
Le jeudi 13 avril 2023 à 00:42 +0200, Bernard Schoenacker a écrit : > > > - Mail original - > De: "Gaëtan Perrier" > À: "liste.debian" > Envoyé: Mercredi 12 Avril 2023 23:10:01 > Objet: [testing] shadow drive et debian > > Bonjour, > > Je viens d'essayer d'installer le paquet deb shadow 8.0.10059 sur ma debian > testing. > Y a eu une erreur à la fin de l'installation du paquet mais ça s'est installé > quand même. Ensuite quand je lance l'appli shadow PC ça m'ouvre une fenêtre > me > proposant de me logger via un navigateur. Ce que je fais et là j'ai une > erreur > me disant "Connection failed" et me disant que je n'ai pas de plan souscrit. > Pourtant j'ai bien un shadow drive. > Est-ce quelqu'un rencontre le même soucis ou a réussi à se connecter ? > > Gaëtan > > Bonjour, > > Merci de bien vouloir relire ce didacticiel et d'indiquer si possible > les endroits qui posent un problème : > > https://support.shadow.tech/hc/fr/articles/360008252593-Installation-de-l-application-Shadow-sur-Ubuntu-et-ajout-du-support-Wayland > > paquet à installer et qui sont prérequis : > > sudo apt install -y libva-glx2 libvdpau1 libva-drm2 libcurl4 libva-wayland2 > > Etape 3 : Ajoutez à "L'input group" > > sudo usermod -a -G input $USER > > Etape 1 : Activer le module "input" > > echo "uinput" > /etc/modules-load.d/uinput.conf > > Etape 2 : Donner la permission à Shadow d'utiliser le module "input" > > echo -e ' KERNEL=="uinput", MODE="0660", GROUP="shadow-input" '>> > /etc/udev/rules.d/65-shadow-client.rules > > > Etape 3 : Ajouter l'utilisateur au groupe shadow-input > > usermod -a -G shadow-input $USER > > Merci > > @+ > > Bernard > > Salut, Mon problème est bien après tout ça, comme indiqué dans mon premier message, c'est lors de la connexion qu'il y a problème. Gaëtan signature.asc Description: This is a digitally signed message part
Re: [testing] shadow drive et debian
Le mercredi 12 avril 2023 à 23:10 +0200, Gaëtan Perrier a écrit : > Bonjour, > > Je viens d'essayer d'installer le paquet deb shadow 8.0.10059 sur ma debian > testing. > Y a eu une erreur à la fin de l'installation du paquet mais ça s'est installé > quand même. Ensuite quand je lance l'appli shadow PC ça m'ouvre une fenêtre > me > proposant de me logger via un navigateur. Ce que je fais et là j'ai une > erreur > me disant "Connection failed" et me disant que je n'ai pas de plan souscrit. > Pourtant j'ai bien un shadow drive. > Est-ce quelqu'un rencontre le même soucis ou a réussi à se connecter ? > > Gaëtan Info supplémentaire, si je lance shadow-prod en CLI j'ai ces erreurs: libva error: vaGetDriverNameByIndex() failed with unknown libva error, river_name = (null) [84551:0413/011431.194972:ERROR:nss_util.cc(286)] After loading Root Certs, loaded==false: NSS error code: -8018 Mais je ne sais pas si c'est lié au problème. Gaëtan signature.asc Description: This is a digitally signed message part
Re: [testing] shadow drive et debian
- Mail original - De: "Gaëtan Perrier" À: "liste.debian" Envoyé: Mercredi 12 Avril 2023 23:10:01 Objet: [testing] shadow drive et debian Bonjour, Je viens d'essayer d'installer le paquet deb shadow 8.0.10059 sur ma debian testing. Y a eu une erreur à la fin de l'installation du paquet mais ça s'est installé quand même. Ensuite quand je lance l'appli shadow PC ça m'ouvre une fenêtre me proposant de me logger via un navigateur. Ce que je fais et là j'ai une erreur me disant "Connection failed" et me disant que je n'ai pas de plan souscrit. Pourtant j'ai bien un shadow drive. Est-ce quelqu'un rencontre le même soucis ou a réussi à se connecter ? Gaëtan Bonjour, Merci de bien vouloir relire ce didacticiel et d'indiquer si possible les endroits qui posent un problème : https://support.shadow.tech/hc/fr/articles/360008252593-Installation-de-l-application-Shadow-sur-Ubuntu-et-ajout-du-support-Wayland paquet à installer et qui sont prérequis : sudo apt install -y libva-glx2 libvdpau1 libva-drm2 libcurl4 libva-wayland2 Etape 3 : Ajoutez à "L'input group" sudo usermod -a -G input $USER Etape 1 : Activer le module "input" echo "uinput" > /etc/modules-load.d/uinput.conf Etape 2 : Donner la permission à Shadow d'utiliser le module "input" echo -e ' KERNEL=="uinput", MODE="0660", GROUP="shadow-input" '>> /etc/udev/rules.d/65-shadow-client.rules Etape 3 : Ajouter l'utilisateur au groupe shadow-input usermod -a -G shadow-input $USER Merci @+ Bernard
[testing] shadow drive et debian
Bonjour, Je viens d'essayer d'installer le paquet deb shadow 8.0.10059 sur ma debian testing. Y a eu une erreur à la fin de l'installation du paquet mais ça s'est installé quand même. Ensuite quand je lance l'appli shadow PC ça m'ouvre une fenêtre me proposant de me logger via un navigateur. Ce que je fais et là j'ai une erreur me disant "Connection failed" et me disant que je n'ai pas de plan souscrit. Pourtant j'ai bien un shadow drive. Est-ce quelqu'un rencontre le même soucis ou a réussi à se connecter ? Gaëtan signature.asc Description: This is a digitally signed message part
Re: shadow drive
Le 21/08/2022 à 12:55, Belaïd a écrit : Bonjour, Vu leur partenariat avec nextcloud, je penses que la fonctionnalité que tu cherche sera bien au rendez vous (Je n'imagine pas trop l'utilité d'une solution de stockage dans le cloud sans cette fonctionnalité) Le dim. 21 août 2022 à 11:11, jafiv a écrit : Bonjour à tous, Avant sa fermeture annoncée, j'utilisais mon compte HUBIC pour sauvegarder un dossier important. Le compte HUBIC est monté dans mon arborescence comme bien expliqué par ce lien: https://www.elysiria.fr/blog/configurer-hubic-en-tant-que-disque-distant/ Est-il possible de disposer des mêmes fonctionnalités avec Shadow Drive? Merci pour cette réponse encourageante.
Re: shadow drive
Bonjour, Vu leur partenariat avec nextcloud, je penses que la fonctionnalité que tu cherche sera bien au rendez vous (Je n'imagine pas trop l'utilité d'une solution de stockage dans le cloud sans cette fonctionnalité) Le dim. 21 août 2022 à 11:11, jafiv a écrit : > Bonjour à tous, > > Avant sa fermeture annoncée, j'utilisais mon compte HUBIC pour > sauvegarder un dossier important. Le compte HUBIC est monté dans mon > arborescence comme bien expliqué par ce lien: > https://www.elysiria.fr/blog/configurer-hubic-en-tant-que-disque-distant/ > > Est-il possible de disposer des mêmes fonctionnalités avec Shadow Drive? > >
shadow drive
Bonjour à tous, Avant sa fermeture annoncée, j'utilisais mon compte HUBIC pour sauvegarder un dossier important. Le compte HUBIC est monté dans mon arborescence comme bien expliqué par ce lien: https://www.elysiria.fr/blog/configurer-hubic-en-tant-que-disque-distant/ Est-il possible de disposer des mêmes fonctionnalités avec Shadow Drive?
Re: password hash in shadow file
On 13/03/18 09:47 AM, to...@tuxteam.de wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 05:25:18PM +0100, Sven Hartge wrote: Adam Weremczuk <ad...@matrixscience.com> wrote: I think it was me invoking "passwd" as root and aborting (ctrl+D) without making any changes. Would that be enough to update the shadow file? No. You can't reverse a hash and to generate a new hash the code needs the password for the user in plain. Well, to be fair, the change to SHA-1 is because you can "reverse" MD5 all too easily (where reverse just means that you find something which hashes to a given hash, which hasn't to resemble your original password all too much). Usually you want this something to have some properties to be useful. But I don't think your operating system is going to do that behind your back ;-) Not if it's Linux, anyway... -- cgi...@surfnaked.ca (Charlie Gibbs)
Re: password hash in shadow file
On 14/03/18 09:20, to...@tuxteam.de wrote: > On Tue, Mar 13, 2018 at 07:36:19PM +0100, Sven Hartge wrote: > >> But on that note: I wonder of one could create a PAM module which will >> do just that on successful login. Once you *know* you have the right >> password (and the PAM system has that knowledge including the plain text >> password the user entered) just rehash it and update /etc/shadow. > >> This will gradually upgrade all hashes once a user uses an account. > > That would be downright sneaky :-) That's quite common for web apps, isn't it? Not with PAM though, presumably. Richard signature.asc Description: OpenPGP digital signature
Re: password hash in shadow file
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 07:36:19PM +0100, Sven Hartge wrote: > to...@tuxteam.de wrote: [...] > > Well, to be fair, the change to SHA-1 is because you can "reverse" MD5 > > all too easily > > Yes, basically. > > > But I don't think your operating system is going to do that behind > > your back ;-) > > It would be quite obvious when just starting "passwd" takes several days > while it cracks your MD5 hash to replace it with a stronger one ;) And possibly eat through a disk or two (or are rainbow tables superfluous with current GPUs? I don't know). All that to choose quite probably a *different* password which happens to hash to the same MD5. Login no more possible, but now secure :) > But on that note: I wonder of one could create a PAM module which will > do just that on successful login. Once you *know* you have the right > password (and the PAM system has that knowledge including the plain text > password the user entered) just rehash it and update /etc/shadow. > > This will gradually upgrade all hashes once a user uses an account. That would be downright sneaky :-) Cheers - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlqoMoMACgkQBcgs9XrR2kb5/ACfQEmIaxjx3bVzcA60VHbqI/UD RbIAnifsG3fys+yUrfGLZ8PojwkZBwG1 =Xy4V -END PGP SIGNATURE-
Re: password hash in shadow file
to...@tuxteam.de wrote: > On Tue, Mar 13, 2018 at 05:25:18PM +0100, Sven Hartge wrote: >> Adam Weremczuk <ad...@matrixscience.com> wrote: >>> I think it was me invoking "passwd" as root and aborting (ctrl+D) >>> without making any changes. Would that be enough to update the >>> shadow file? >> No. >> >> You can't reverse a hash and to generate a new hash the code needs >> the password for the user in plain. > Well, to be fair, the change to SHA-1 is because you can "reverse" MD5 > all too easily Yes, basically. > But I don't think your operating system is going to do that behind > your back ;-) It would be quite obvious when just starting "passwd" takes several days while it cracks your MD5 hash to replace it with a stronger one ;) But on that note: I wonder of one could create a PAM module which will do just that on successful login. Once you *know* you have the right password (and the PAM system has that knowledge including the plain text password the user entered) just rehash it and update /etc/shadow. This will gradually upgrade all hashes once a user uses an account. S° -- Sigmentation fault. Core dumped.
Re: password hash in shadow file
On Tue 13 Mar 2018 at 15:18:35 (+), Adam Weremczuk wrote: > Hi all, > > I've just spotted that on one of my old wheezy servers root entry in > /etc/shadow was updated just over 3 weeks ago. Take a look at the end of a file and see if a new user/system account has been added recently when you installed a package. Examples: clamav logcheck avahi ntop and even debian-security-support. If that doesn't turn up anything, just scan for the highest number in the 3rd field. Then type (where 16933 is your number): $ date -d "1970-01-01 +16933 days" Thu May 12 00:00:00 CDT 2016 $ and that ought to match the last-modified timestamp. (That example is for debian-security-support going onto one of my wheezy systems.) > The root password is still the same and the lastchanged count is > much higher than 3 weeks. > > The difference I've noticed is the hashed password string being much longer. > > It's now prefixed with $6$ (SHA-512 algorithm) comparing with $1$ > (MD5) before the change. Should we assume that you have evidence of the root entry with an MD5 indication but the same number in the 3rd entry as you have now? > My first suspect was a security patch but the system was not updated > around that time. > > Has anybody seen this before and could explain? No. Lacking a backup of shadow with an MD5 indication, all I can say is that the same process must have been carried out here on all my systems, and whatever that process was, it happened before 12 Sep 2016. Doesn't seem likely. That's the last time this backup wheezy system was booted up, and shadow shows file last modification 21 April 2014 birth of root password 3 April 2014 shadow root entry: root:$6$…:16163:0:9:7::: shadow last entry: apt-cacher-ng:*:16182:0:9:7::: Cheers, David.
Re: password hash in shadow file
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 05:25:18PM +0100, Sven Hartge wrote: > Adam Weremczuk <ad...@matrixscience.com> wrote: > > > I think it was me invoking "passwd" as root and aborting (ctrl+D) > > without making any changes. Would that be enough to update the shadow > > file? > > No. > > You can't reverse a hash and to generate a new hash the code needs the > password for the user in plain. Well, to be fair, the change to SHA-1 is because you can "reverse" MD5 all too easily (where reverse just means that you find something which hashes to a given hash, which hasn't to resemble your original password all too much). Usually you want this something to have some properties to be useful. But I don't think your operating system is going to do that behind your back ;-) Cheers - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlqoALIACgkQBcgs9XrR2kYGwwCfR0bt4g4nomrycYho2rA23L6d BlUAn2c3RW8xuj751aC6LxJt+0T9udPT =SGi/ -END PGP SIGNATURE-
Re: password hash in shadow file
Quite possibly I changed it to the same password. Not sure now as it was almost a month ago but can't find any better explanation. Of course hashes are meant to be irreversible. I guess I'm trying to catch my own shadow ;) On 13/03/18 16:19, to...@tuxteam.de wrote: Still strange. Are you sure that you stopped "passwd" early enough? Had you entered the password already? Twice?
Re: password hash in shadow file
Adam Weremczuk <ad...@matrixscience.com> wrote: > I think it was me invoking "passwd" as root and aborting (ctrl+D) > without making any changes. Would that be enough to update the shadow > file? No. You can't reverse a hash and to generate a new hash the code needs the password for the user in plain. Grüße, Sven. -- Sigmentation fault. Core dumped.
Re: password hash in shadow file
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 04:01:52PM +, Adam Weremczuk wrote: > I think it was me invoking "passwd" as root and aborting (ctrl+D) > without making any changes. > Would that be enough to update the shadow file? Hm. That depends on which point you invoked abort at, but naively I'd say "no". Note that the system doesn't "know" your password, only its hash -- so if it succeeded in storing the SHA-1 of your password (you say it didn't change, did you?) without you telling it, then it would have to crack your MD5 password hash. Still strange. Are you sure that you stopped "passwd" early enough? Had you entered the password already? Twice? Cheers - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlqn+f4ACgkQBcgs9XrR2kYu2ACePqhJ8m5QgIqwleJBpHFPo0Ng x6sAnRpH4q2J9UqbT7aypggmxFLaIhjH =qwpf -END PGP SIGNATURE-
Re: password hash in shadow file
I think it was me invoking "passwd" as root and aborting (ctrl+D) without making any changes. Would that be enough to update the shadow file? On 13/03/18 15:47, to...@tuxteam.de wrote: What I don't understand is how the system changed the hashing method without getting you involved. You don't remember having had to enter the root password? That would be strange. Cheers
Re: password hash in shadow file
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 03:18:35PM +, Adam Weremczuk wrote: > Hi all, > > I've just spotted that on one of my old wheezy servers root entry in > /etc/shadow was updated just over 3 weeks ago. > > The root password is still the same and the lastchanged count is > much higher than 3 weeks. > > The difference I've noticed is the hashed password string being much longer. > > It's now prefixed with $6$ (SHA-512 algorithm) comparing with $1$ > (MD5) before the change. Of course, moving off MD5 makes some sense. It's not burning a hole in your system's security in this case [1], but MD5 is a bit old these days. > My first suspect was a security patch but the system was not updated > around that time. > > Has anybody seen this before and could explain? What I don't understand is how the system changed the hashing method without getting you involved. You don't remember having had to enter the root password? That would be strange. Cheers [1] /etc/shadow isn't world-readable, so if you have someone on your system capable of reading it, you're already in hot water; and if you have copies of /etc/shadow around there, well... you encrypt your system backups, do you? The only credible threat model remaining is that someone(TM) accesses your hard disk "from the side", e.g. booting a rescue system or taking to the screwdriver. - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlqn8p4ACgkQBcgs9XrR2kb5DgCfSBtg2Ew8O/eHhXKV4iMEit5e 8esAniqGwtu0lYjdRGUSlAhnTwgM08Q/ =rLBv -END PGP SIGNATURE-
password hash in shadow file
Hi all, I've just spotted that on one of my old wheezy servers root entry in /etc/shadow was updated just over 3 weeks ago. The root password is still the same and the lastchanged count is much higher than 3 weeks. The difference I've noticed is the hashed password string being much longer. It's now prefixed with $6$ (SHA-512 algorithm) comparing with $1$ (MD5) before the change. My first suspect was a security patch but the system was not updated around that time. Has anybody seen this before and could explain? Thanks Adam
Re: shadow spam (was Re: stop your mail)
On Sun, Jul 9, 2017 at 7:53 PM, Thomas Schmittwrote: > Hi, > [...] > > Joel Rees wrote: >> (1) These messages may be a sort of generator for phishing targets. > > You mean that those who hit the "Smack Sender" button of their mail > app show up as flotsam here and can be harvested without reveiling > the harvester's mail address ? > (This theory would imply that the reflector senders are real people > or their watchdog apps.) > > Eek. That would mean we would really have to take measures to not > let appear most of the messages in subscriber mailboxes and archive. > If we let this continue then we create a commercial incentive to > flood us. Of course, if the hypothetical "they" are looking for a commercially viable way to harvest addresses from this list and are doing this, they've missed something much more obvious. And? >> they might be setting up a noise >> background against which to send steganographically encoded messages. > > That's a good one. > We are testing ground for a novel low-bandwidth method to control > bot nets or remote spies. Not likely a testing ground. > Ten hops over iPads, Galaxies, or WinPhones would be nearly as > effective in hiding the sender as a Tor onion would be. > > > Have a nice day :) > > Thomas > Did I say something about onions? -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: shadow spam (was Re: stop your mail)
> From: scdbac...@gmx.net > To: debian-user@lists.debian.org >> this conversation has gone viral itself. > It is technically interesting to see what people think how stupid we > are. I wonder if there is any other purpose than to make me wonder ? Politically, the motive may be by some who will need the ground to push an agenda. First you document a threat, you allow a crisis, then play the card of the protector. Like an antivirus agency spreading a virus. So I would be really cautious of any who would volunteer as moderators or those who would promote a forum, like debian.uk is, where they have to get copies of birth certificates 3 generations back to allow a member. > Have a nice day :) > Thomas Have a great night (AK)
Re: shadow spam (was Re: stop your mail)
Hi, Fungi4All wrote: > I remember 2 months ago I had received a response from what appeared > as a list member responding to some spam that was sent by me to the list. The first thing i checked on the current spam was that it is really distributed by the list and not sent to me directly. "Received:" headers like this one can be trusted if no other such headers were added by my provider gmx.net: Received: from bendel.debian.org ([82.195.75.100]) by mx-ha.gmx.net (mxgmx016 [212.227.15.9]) [...] for; Sun, 09 Jul 2017 11:51:20 +0200 (Of course anybody could add such a header to the mail when it gets sent. But then gmx.net would still add its own "Received:" header,) > this conversation has gone viral itself. It is technically interesting to see what people think how stupid we are. I wonder if there is any other purpose than to make me wonder ? Maybe it's Happy Recursion Week ? GNU is Not Unix ! Or it's a Fnord, meant to trigger a sleeping brain worm. Joel Rees wrote: > (1) These messages may be a sort of generator for phishing targets. You mean that those who hit the "Smack Sender" button of their mail app show up as flotsam here and can be harvested without reveiling the harvester's mail address ? (This theory would imply that the reflector senders are real people or their watchdog apps.) Eek. That would mean we would really have to take measures to not let appear most of the messages in subscriber mailboxes and archive. If we let this continue then we create a commercial incentive to flood us. > they might be setting up a noise > background against which to send steganographically encoded messages. That's a good one. We are testing ground for a novel low-bandwidth method to control bot nets or remote spies. Ten hops over iPads, Galaxies, or WinPhones would be nearly as effective in hiding the sender as a Tor onion would be. Have a nice day :) Thomas
shadow spam (was Re: stop your mail)
Can I suggest two possibilities not apparently being considered? (1) These messages may be a sort of generator for phishing targets. (This is not currently a likely scenario, but you want to consider it.) (2) These might be either the body of a message sent by a spatter steganography technique, or they might be setting up a noise background against which to send steganographically encoded messages. I'd suggest a third, which is true tin-foil-hat stuff, but you who are into conspiracy theories can work that out yourselves. Whenever I see a sudden rise in odd-looking spam, I tend to assume something like the second possibility. https://en.wikipedia.org/wiki/Steganography -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy)
On Tue, 28 May 2013, Andreas Meile wrote: I tried that out on a lab system where I replaced pam_unix.so into pam_unix2.so inside both common-auth and common-password config files. Result: The system nows recognizes all $2a$ (Blowfish) password hashes but does not longer accepts $6$ (SHA-512) password now. Use both at the same time to check credentials, and only pam_unix to change credentials (to migrate to sha-512 over time). But be very careful on how you stack them, or you will create a nasty security hole. I strongly suggest you do a very through reading of the PAM documentation before you attempt this. -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130531011850.ga32...@khazad-dum.debian.net
Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy)
Hello Recoverym4n Thanks for your hint. - Original Message - From: recovery...@gmail.com To: debian-user@lists.debian.org Sent: Monday, May 27, 2013 7:40 PM Subject: Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy) Install 'libpam-unix2' package. Configure PAM as outlined in /usr/share/doc/libpam-unix2/README.Debian. It is that simple. I tried that out on a lab system where I replaced pam_unix.so into pam_unix2.so inside both common-auth and common-password config files. Result: The system nows recognizes all $2a$ (Blowfish) password hashes but does not longer accepts $6$ (SHA-512) password now. In the meantime, I migrated several user accounts to $6$ (SHA-512) hashes using passwd to setting new passwords so there's a $6$/$2a$ mixture in /etc/shadow now. So what I actually need is a way that $6$ hashes are ok for any created new user account as well as invoked passwd command (=setting passwords always as $6$) but the authentication must accept both $2a$ and $6$, i.e. must be able to deal with a mixed /etc/shadow database. So existing user still can login with their $2a$ Blowfish hash while all my new users use a $6$ SHA-512 hash. So I think a configuration rule to use pam_unix.so and pam_unix2.so simultaneously will help. Andreas -- Teste die PC-Sicherheit mit www.sec-check.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/edb958b5aba84ba1aa76af5a278e9...@meilebiz.loc
/etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy)
Hello Debian users I recently migrated an old SuSE Linux 9.3 box to Debian 7 Wheezy. There I backuped the /etc/shadow file to import the existing passwords from my users to the new Debian environment using a vipw -s command as part of the migration. Result: Classic UNIX hashes (format [0-9A-Za-z]{13}) still work but those hashs beginning with $2a$10$ don't. When resetting the user's password using passwd as root, the new hashes begin with $6$. Questions: - Is there a good overview WWW link about all these $Version$[Subversion?$] formats? - Is there a special Debian package or system configuration parameter where I can enable using older hash formats (but passwd still can set changes into the new $6$ format) or is setting a new password to every affected user the only way? Thanks in advance. Andreas -- Teste die PC-Sicherheit mit www.sec-check.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e77a0727989c4fc1946f0dc9e59ab...@meilebiz.loc
Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy)
Andreas Meile mailingli...@andreas-meile.ch asked about /etc/shadow: Is there a good overview WWW link about all these $Version$[Subversion?$] formats? man shadow says of the encrypted password field, Refer to crypt(3) for details on how this string is interpreted. man 3 crypt contains a NOTES section that identifies the ID and describes its format. Specifically, $6$salt$encrypted is SHA-512. Chris -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ul1c7ax19h@news.roaima.co.uk
Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy)
Hello Chris - Original Message - From: Chris Davies ch...@roaima.co.uk To: debian-user@lists.debian.org Sent: Monday, May 27, 2013 2:54 PM Subject: Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy) man 3 crypt contains a NOTES section that identifies the ID and describes its format. Specifically, $6$salt$encrypted is SHA-512. Thanks for the hint. Already done: ID | Method - 1 | MD5 2a | Blowfish (not in mainline glibc; added in some | Linux distributions) 5 | SHA-256 (since glibc 2.7) 6 | SHA-512 (since glibc 2.7) So this lights out the situation: While SuSE 9.3 used Blowfish as extended password encryption method, Debian Wheezy uses SHA-512 for that. A short view inside older Linux boxes: Squeeze also uses SHA-512, and Lenny uses MD5 according this table. A apt-cache search blowfish shows me a lot of Blowfish related packages. So is there one on it which extends the login authentication routine also to process Blowfish hashes in /etc/shadow or is that a much more complicate procedure (compiling a new kernel for example)? Andreas -- Teste die PC-Sicherheit mit www.sec-check.net -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/f1a5ebde1a764a27949818853efe8...@meilebiz.loc
Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy)
On 05/27/2013 04:23 PM, Andreas Meile wrote: Hello Chris - Original Message - From: Chris Davies ch...@roaima.co.uk To: debian-user@lists.debian.org Sent: Monday, May 27, 2013 2:54 PM Subject: Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy) man 3 crypt contains a NOTES section that identifies the ID and describes its format. Specifically, $6$salt$encrypted is SHA-512. Thanks for the hint. Already done: ID | Method - 1 | MD5 2a | Blowfish (not in mainline glibc; added in some | Linux distributions) 5 | SHA-256 (since glibc 2.7) 6 | SHA-512 (since glibc 2.7) So this lights out the situation: While SuSE 9.3 used Blowfish as extended password encryption method, Debian Wheezy uses SHA-512 for that. A short view inside older Linux boxes: Squeeze also uses SHA-512, and Lenny uses MD5 according this table. A apt-cache search blowfish shows me a lot of Blowfish related packages. So is there one on it which extends the login authentication routine also to process Blowfish hashes in /etc/shadow or is that a much more complicate procedure (compiling a new kernel for example)? Andreas Hi Andreas, I think man login.defs will bring some light on the problem. Regards, Alex -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/51a377f3.8030...@biotec.tu-dresden.de
Re: /etc/shadow password hash format (migration from SuSE 9.3 to Debian Wheezy)
On Mon, 27 May 2013 16:23:20 +0200 Andreas Meile mailingli...@andreas-meile.ch wrote: A apt-cache search blowfish shows me a lot of Blowfish related packages. So is there one on it which extends the login authentication routine also to process Blowfish hashes in /etc/shadow or is that a much more complicate procedure (compiling a new kernel for example)? Hi. Install 'libpam-unix2' package. Configure PAM as outlined in /usr/share/doc/libpam-unix2/README.Debian. It is that simple. PS Did you ever considered using a real e-mail client? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130527214000.fb529b7f01f0bc8ccbe26...@gmail.com
Re: Permissões de acesso a arquivos shadow com e sem sudo
Olá, as permissões padrões mudam de distro para distro. No Debian o padrão é 640 mesmo, o sudo não altera permissões destes arquivos, não tem ligação com a constatação que você fez. Abraço. Em 14-03-2013 11:49, jacinto minhas pernas escreveu: Amigos, Estou estudando para o exame LPIC 102 e nos estudos descobri que as permissões de acesso aos arquivos shadow é, por padrão, 400. Quando fui verificar em minha máquina, percebi que os referidos arquivos estavam com a permissão 640, sendo o grupo shadow. Eis a dúvida: Esta mudança de permissões se deve ao fato de o sudo estar instalado? (supús que talvez fosse o único utilitário que precisasse acessar as senhas shadow) Abraços -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1644785024.2433233.1363272592180.javamail.tomc...@ibriss06.dlan.cinetic.de -- Att. Dane Brand Atua Sistemas de Informação Skype: dane.atua Msn: d...@atua.com.br ICQ : 126258686 Fone: (54) 3045-4144 Celular: (54) 9673-8919 Linux User #548369 LPIC 3 - CORE -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5141e4df.2050...@atua.com.br
Re: Permissões de acesso a arquivos shadow com e sem sudo
Foi o que eu lhe expliquei, O sudo não tem motivo para alterar o /etc/shadow, sendo assim ele não altera a permissão. No Debian a permissão padrão é 640 é não 400 como você está dizendo. Veja um exemplo de uma máquina sem do sudo instalado. root@debian:~# dpkg -l |grep sudo root@debian:~# stat -c %a /etc/shadow 640 A permissão não tem haver com o sudo, e sim o padrão do SO. Em 14-03-2013 12:35, jacinto minhas pernas escreveu: Dane, Eu sei o conceito de permissões padrão, mas a questão não é essa. A permissão de um arquivo shadow é 400, ou seja, somente leitura para o root e ninguém mais. Do contrário, não haveria sentido na existência dele. O que eu percebi é que em todos os sistemas que opero que possuem o sudo instalado, a permissão do /etc/shadow é 640, sendo o root o proprietário e com o grupo shadow. Eu só queria confirmar se esta mudança nas permissões é feita mesmo pelo sudo, ou por outro utilitário. Abraços At 14 Mar 2013 14:55:27 + (UTC) de Dane d...@atua.com.br: Olá, as permissões padrões mudam de distro para distro. No Debian o padrão é 640 mesmo, o sudo não altera permissões destes arquivos, não tem ligação com a constatação que você fez. Abraço. Em 14-03-2013 11:49, jacinto minhas pernas escreveu: Amigos, Estou estudando para o exame LPIC 102 e nos estudos descobri que as permissões de acesso aos arquivos shadow é, por padrão, 400. Quando fui verificar em minha máquina, percebi que os referidos arquivos estavam com a permissão 640, sendo o grupo shadow. Eis a dúvida: Esta mudança de permissões se deve ao fato de o sudo estar instalado? (supús que talvez fosse o único utilitário que precisasse acessar as senhas shadow) Abraços -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1644785024.2433233.1363272592180.javamail.tomc...@ibriss06.dlan.cinetic.de -- Att. Dane Brand Atua Sistemas de Informação Skype: dane.atua Msn: d...@atua.com.br ICQ : 126258686 Fone: (54) 3045-4144 Celular: (54) 9673-8919 Linux User #548369 LPIC 3 - CORE -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5141e4df.2050...@atua.com.br -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1365768639.2439231.1363275349668.javamail.tomc...@ibriss06.dlan.cinetic.de -- Att. Dane Brand Atua Sistemas de Informação Skype: dane.atua Msn: d...@atua.com.br ICQ : 126258686 Fone: (54) 3045-4144 Celular: (54) 9673-8919 Linux User #548369 LPIC 3 - CORE
Re: Permissões de acesso a arquivos shadow com e sem sudo
Que bom cara, espero ter te ajudado em algo. Tem bastante coisas na LPI, que confundem usuários do Debian, pq ele acaba fazendo de uma forma diferente ou facilitando algumas coisas, e isto não ocorre nas outras distros. Em 14-03-2013 13:42, jacinto minhas pernas escreveu: Dane, Agora entendi sua explicação. Eu tinha achado que o sudo tivesse alguma coisa a ver, uma vez que, quando usado, ele faz uso das senhas shadow. Obrigado Abraços At 14 Mar 2013 15:59:53 + (UTC) de Dane d...@atua.com.br: Foi o que eu lhe expliquei, O sudo não tem motivo para alterar o /etc/shadow, sendo assim ele não altera a permissão. No Debian a permissão padrão é 640 é não 400 como você está dizendo. Veja um exemplo de uma máquina sem do sudo instalado. root@debian:~# dpkg -l |grep sudo root@debian:~# stat -c %a /etc/shadow 640 A permissão não tem haver com o sudo, e sim o padrão do SO. Em 14-03-2013 12:35, jacinto minhas pernas escreveu: Dane, Eu sei o conceito de permissões padrão, mas a questão não é essa. A permissão de um arquivo shadow é 400, ou seja, somente leitura para o root e ninguém mais. Do contrário, não haveria sentido na existência dele. O que eu percebi é que em todos os sistemas que opero que possuem o sudo instalado, a permissão do /etc/shadow é 640, sendo o root o proprietário e com o grupo shadow. Eu só queria confirmar se esta mudança nas permissões é feita mesmo pelo sudo, ou por outro utilitário. Abraços At 14 Mar 2013 14:55:27 + (UTC) de Dane d...@atua.com.br: Olá, as permissões padrões mudam de distro para distro. No Debian o padrão é 640 mesmo, o sudo não altera permissões destes arquivos, não tem ligação com a constatação que você fez. Abraço. Em 14-03-2013 11:49, jacinto minhas pernas escreveu: Amigos, Estou estudando para o exame LPIC 102 e nos estudos descobri que as permissões de acesso aos arquivos shadow é, por padrão, 400. Quando fui verificar em minha máquina, percebi que os referidos arquivos estavam com a permissão 640, sendo o grupo shadow. Eis a dúvida: Esta mudança de permissões se deve ao fato de o sudo estar instalado? (supús que talvez fosse o único utilitário que precisasse acessar as senhas shadow) Abraços -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1644785024.2433233.1363272592180.javamail.tomc...@ibriss06.dlan.cinetic.de -- Att. Dane Brand Atua Sistemas de Informação Skype: dane.atua Msn: d...@atua.com.br ICQ : 126258686 Fone: (54) 3045-4144 Celular: (54) 9673-8919 Linux User #548369 LPIC 3 - CORE -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5141e4df.2050...@atua.com.br -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1365768639.2439231.1363275349668.javamail.tomc...@ibriss06.dlan.cinetic.de -- Att. Dane Brand Atua Sistemas de Informação Skype: dane.atua Msn:d...@atua.com.br ICQ : 126258686 Fone: (54) 3045-4144 Celular: (54) 9673-8919 Linux User #548369 LPIC 3 - CORE -- Att. Dane Brand Atua Sistemas de Informação Skype: dane.atua Msn: d...@atua.com.br ICQ : 126258686 Fone: (54) 3045-4144 Celular: (54) 9673-8919 Linux User #548369 LPIC 3 - CORE
Re: Permissões de acesso a arquivos shadow com e sem sudo
O conceito do sudo é super user do, ou seja faça como root. Sendo assim, sudo herda permissões root; att On 14/03/13 at 12:59pm, Dane wrote: Date: Thu, 14 Mar 2013 12:59:53 -0300 From: Dane d...@atua.com.br To: debian-user-portuguese@lists.debian.org Subject: Re: Permissões de acesso a arquivos shadow com e sem sudo User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130311 Thunderbird/17.0.4 Foi o que eu lhe expliquei, O sudo não tem motivo para alterar o /etc/shadow, sendo assim ele não altera a permissão. No Debian a permissão padrão é 640 é não 400 como você está dizendo. Veja um exemplo de uma máquina sem do sudo instalado. root@debian:~# dpkg -l |grep sudo root@debian:~# stat -c %a /etc/shadow 640 A permissão não tem haver com o sudo, e sim o padrão do SO. Em 14-03-2013 12:35, jacinto minhas pernas escreveu: Dane, Eu sei o conceito de permissões padrão, mas a questão não é essa. A permissão de um arquivo shadow é 400, ou seja, somente leitura para o root e ninguém mais. Do contrário, não haveria sentido na existência dele. O que eu percebi é que em todos os sistemas que opero que possuem o sudo instalado, a permissão do /etc/shadow é 640, sendo o root o proprietário e com o grupo shadow. Eu só queria confirmar se esta mudança nas permissões é feita mesmo pelo sudo, ou por outro utilitário. Abraços At 14 Mar 2013 14:55:27 + (UTC) de Dane d...@atua.com.br: Olá, as permissões padrões mudam de distro para distro. No Debian o padrão é 640 mesmo, o sudo não altera permissões destes arquivos, não tem ligação com a constatação que você fez. Abraço. Em 14-03-2013 11:49, jacinto minhas pernas escreveu: Amigos, Estou estudando para o exame LPIC 102 e nos estudos descobri que as permissões de acesso aos arquivos shadow é, por padrão, 400. Quando fui verificar em minha máquina, percebi que os referidos arquivos estavam com a permissão 640, sendo o grupo shadow. Eis a dúvida: Esta mudança de permissões se deve ao fato de o sudo estar instalado? (supús que talvez fosse o único utilitário que precisasse acessar as senhas shadow) Abraços -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1644785024.2433233.1363272592180.javamail.tomc...@ibriss06.dlan.cinetic.de -- Att. Dane Brand Atua Sistemas de Informação Skype: dane.atua Msn: d...@atua.com.br ICQ : 126258686 Fone: (54) 3045-4144 Celular: (54) 9673-8919 Linux User #548369 LPIC 3 - CORE -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5141e4df.2050...@atua.com.br -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1365768639.2439231.1363275349668.javamail.tomc...@ibriss06.dlan.cinetic.de -- Att. Dane Brand Atua Sistemas de Informação Skype: dane.atua Msn: d...@atua.com.br ICQ : 126258686 Fone: (54) 3045-4144 Celular: (54) 9673-8919 Linux User #548369 LPIC 3 - CORE -- Francisco Aparecido da Silva (fafanet) -- Blog: http://blog.silva.eti.br http://www.twitter.com/fafanete http://www.identi.ca/fafanet GNU/Linux user:239412 GPG ID:01BC73D6 -- signature.asc Description: Digital signature
Re: /etc/shadow
Manuel Diego escribió: Exacto, desencriptar es imposible, por mas que haya gente que diga lo contrario. Lo que si se puede hacer es averiguar a fuerza bruta el contenido de la cadena. Con esto quiero decir que jamas se encontrará el reverso del algoritmo. El 02-09-2009, a las 21:17, Luis Lezcano Airaldi escribió: El mié, 02-09-2009 a las 19:42 -0400, joanman...@elecgtm.une.cu mailto:joanman...@elecgtm.une.cu escribió: Saludos listeros escribo por que quiciera saber si hay algun software que me permita desencriptar los password que bienen en fichero /etc/shadow . Gracias por atencion prestada No se pueden desencriptar. ;) Te puede ayudar el programa john the ripper o crack son los programas por excelencia para descifrar las contraseñas de /etc/shadow. El método que usan es por fuerza bruta, a grandes rasgos lo que hacen es que por medio de un diccionario que tu le proporcionas, va cifrando cada palabra y la compara con la contraseña a descifrar, hasta encontrarar una cadena similar. Hasta pronto... -- To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: /etc/shadow
Exacto, desencriptar es imposible, por mas que haya gente que diga lo contrario. Lo que si se puede hacer es averiguar a fuerza bruta el contenido de la cadena. Con esto quiero decir que jamas se encontrará el reverso del algoritmo. El 02-09-2009, a las 21:17, Luis Lezcano Airaldi escribió: El mié, 02-09-2009 a las 19:42 -0400, joanman...@elecgtm.une.cu escribió: Saludos listeros escribo por que quiciera saber si hay algun software que me permita desencriptar los password que bienen en fichero /etc/ shadow . Gracias por atencion prestada No se pueden desencriptar. ;) -- To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Manuel Diego Paillafil Gamboa man...@radiohead.cl Móvil: 06 - 801 60 24
/etc/shadow
Saludos listeros escribo por que quiciera saber si hay algun software que me permita desencriptar los password que bienen en fichero /etc/shadow . Gracias por atencion prestada -- Administrador de Red Empresa Eléctrica Guantánamo Phone: (0121) 327452 Phone: (0121) 323512 Ext. 213 Jabber: joanman...@jb.elecgtm.une.cu Jabber: joanman...@jb.une.cu Jabber: joanmanuel1...@gmail.com Debian GNU/Linux User# 490001 Web: http://blog-admin.elecgtm.une.cu -- -- To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: /etc/shadow
2009-09-02, joanman...@elecgtm.une.cu: Saludos listeros escribo por que quiciera saber si hay algun software que me permita desencriptar los password que bienen en fichero /etc/shadow . Gracias por atencion prestada respuesta corta: john the ripper y tiempo libre Saludos, Mauro -- JID: lavaram...@jabber.org | http://lizaur.github.com/ 2B82 A38D 1BA5 847A A74D 6C34 6AB7 9ED6 C8FD F9C1 -- To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: /etc/shadow
El mié, 02-09-2009 a las 19:42 -0400, joanman...@elecgtm.une.cu escribió: Saludos listeros escribo por que quiciera saber si hay algun software que me permita desencriptar los password que bienen en fichero /etc/shadow . Gracias por atencion prestada No se pueden desencriptar. ;) -- To UNSUBSCRIBE, email to debian-user-spanish-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Error opening /etc/shadow for reading
Hi, I'm new to linux and have Debian Lenny for 3 month. Today when i was open kde user manager so i can add my self to fuse group I got this massages: Error opening /etc/shadow for reading. kde user manager was open without root pasword edit my accaunt-add to fuse group-ok Can't create backup file for /etc/passwd Cannot open file /etc/group.bak for writing. Can't create backup file for /etc/group Before that I was try to add my external hd to mount point. cp /etc/fstab /etc/fstab.bak pico /etc/fstab /dev/sda5 /mnt/external ntfs-3g user,locale=en_US.utf8 0 0 rm /etc/fstab.bak Can anybody help me? Thanks in advance, Goran. -- Goran Dobosevic www.dobosevic.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Error opening /etc/shadow for reading
On Wed,29.Oct.08, 07:15:12, Goran Dobosevic wrote: Hi, I'm new to linux and have Debian Lenny for 3 month. Today when i was open kde user manager so i can add my self to fuse group I got this massages: Error opening /etc/shadow for reading. kde user manager was open without root pasword edit my accaunt-add to fuse group-ok Can't create backup file for /etc/passwd Cannot open file /etc/group.bak for writing. Can't create backup file for /etc/group Have you been prompted for the root password when you started the user manager? What are the permissions of /etc/shadow ? Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) signature.asc Description: Digital signature
Re: Error opening /etc/shadow for reading
Andrei Popescu wrote: On Wed,29.Oct.08, 07:15:12, Goran Dobosevic wrote: Hi, I'm new to linux and have Debian Lenny for 3 month. Today when i was open kde user manager so i can add my self to fuse group I got this massages: Error opening /etc/shadow for reading. kde user manager was open without root pasword edit my accaunt-add to fuse group-ok Can't create backup file for /etc/passwd Cannot open file /etc/group.bak for writing. Can't create backup file for /etc/group Have you been prompted for the root password when you started the user manager? What are the permissions of /etc/shadow ? no, before few days yes. permissions of /etc/shadow are defolt i don't know how to changed them :-) Regards, Andrei Thanks for helping, Goran -- Goran Dobosevic www.dobosevic.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Error opening /etc/shadow for reading
On Wed,29.Oct.08, 09:51:43, Goran Dobosevic wrote: no, before few days yes. Somebody who knows KDE might help here. permissions of /etc/shadow are defolt i don't know how to changed them :-) Just to make sure everything is as it should be. Please show the output of 'ls -l /etc/shadow'. Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) signature.asc Description: Digital signature
Re: Error opening /etc/shadow for reading
Andrei Popescu wrote: On Wed,29.Oct.08, 09:51:43, Goran Dobosevic wrote: no, before few days yes. Somebody who knows KDE might help here. permissions of /etc/shadow are defolt i don't know how to changed them :-) Just to make sure everything is as it should be. Please show the output of 'ls -l /etc/shadow'. Regards, Andrei Here it is: ~# ls -l /etc/shadow -rw-r- 1 root shadow 850 2008-10-24 13:31 /etc/shadow Regards, Goran. -- Goran Dobosevic www.dobosevic.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Error opening /etc/shadow for reading
Goran Dobosevic wrote: Andrei Popescu wrote: On Wed,29.Oct.08, 09:51:43, Goran Dobosevic wrote: no, before few days yes. Somebody who knows KDE might help here. permissions of /etc/shadow are defolt i don't know how to changed them :-) Just to make sure everything is as it should be. Please show the output of 'ls -l /etc/shadow'. Regards, Andrei Here it is: ~# ls -l /etc/shadow -rw-r- 1 root shadow 850 2008-10-24 13:31 /etc/shadow Regards, Goran. you shouldn't edit /etc/shadow at your own if you need to edit a file owned by root under kde use kdesudo in the konsole kdesudo kedit /etc/shadow /etc/shadow should be manipulated with the passwd utilities in kde control centre you have user management, this should do the job for you regards -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Error opening /etc/shadow for reading
On Wed,29.Oct.08, 10:15:28, Goran Dobosevic wrote: Andrei Popescu wrote: On Wed,29.Oct.08, 09:51:43, Goran Dobosevic wrote: no, before few days yes. Somebody who knows KDE might help here. Thinking about it, you could try starting kuser from a terminal and see if you get any error messages. Just to make sure everything is as it should be. Please show the output of 'ls -l /etc/shadow'. Here it is: ~# ls -l /etc/shadow -rw-r- 1 root shadow 850 2008-10-24 13:31 /etc/shadow That looks ok. Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) signature.asc Description: Digital signature
Re: Shadow...
David Pedro Willemann escreveu: Possuo o SUSE 10.0 instalado como um servidor de email e estou fazendo a migração para um Debian Etch. O Etch será substituido pelo Lenny dentro de uns 30 dias, no máximo. A senhas dos usuários no arquivo Shadow no SUSE estão com a codifição Blowfish. Pelo que verifiquei o DEBIAN trabalha com a codificação de senhas com MD5. É só fazer o Debian utilizar blowfish também. http://ludoa.wordpress.com/2007/04/02/moving-from-md5-to-blowfish-on-debianubuntu Att, Renato -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Shadow...
Senhores, Possuo o SUSE 10.0 instalado como um servidor de email e estou fazendo a migração para um Debian Etch. A senhas dos usuários no arquivo Shadow no SUSE estão com a codifição Blowfish. Pelo que verifiquei o DEBIAN trabalha com a codificação de senhas com MD5. Criei todos os usuarios no debian so que na hora de trazer o as senhas do shadow com a codificação Blowfish do SUSE não loga no Debian. Alguem teria uma luz para resolver este problema que estou tendo ? Como posso fazer a migração das senhas do SUSE(blowfish) para o DEBIAN Etch(MD5) ou como faço para mudar o tipo de codifição do arquivo shadow do DEBIAN ? Alguma dica sobre o q pesquisar ? Obrigado e aguardo retorno. David Pedro Willemann Administrador de Redes - Labmetro (48) 99197836 (48) 32480982 (48) 36470220 Quoting Rodrigo [EMAIL PROTECTED]: This message was sent using IMP, the Internet Messaging Program. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Calcular paramertros de contraseña Timestamp /etc/shadow
Estimados: Tengo una duda acerca de como calcular algunos parámetros relacionados con las contraseñas del archivo /etc/shadow. He buscado documentación y no he encontrado la manera de calcular manualmente dichos parámetros para sistemas linux. A continuación adjunto lo que he encontrado: ejemplo: cuenta-test:$1$DORWlFmM$4yhE.0olwWtHxFN5o/AR7.:13969:0:60:9::: 1 2 34 5 6 7 8 1. User name : It is your login name 2. Password: It your encrypted password. The password should be minimum 6-8 characters long including special characters/digits 3. Last password change (lastchanged): Days since Jan 1, 1970 that password was last changed 4. Minimum: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password 5. Maximum: The maximum number of days the password is valid (after that user is forced to change his/her password) 6. Warn : The number of days before password is to expire that user is warned that his/her password must be changed 7. Inactive : The number of days after password expires that account is disabled 8. Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used Me gustaría poder calcular manualmente desde el punto 3 hacia adelante. He probado con el comando $chage -l nombre_usuario y me entrega dicha información procesada para 1 usuario, pero necesito poder calcularla manualmente para muchos usuarios. También he probado con el comando $date -d @timestamp y me arroja algunos minutos algunas horas pero siempre en 1/1/1970. Bueno amigos gracias por leer. Saludos Cordiales -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Calcular paramertros de contraseña Timestamp /etc/shadow
El día 9 de julio de 2008 11:19, Abraham Pérez [EMAIL PROTECTED] escribió: 2008/7/9, andres sarmiento [EMAIL PROTECTED]: Estimados: Tengo una duda acerca de como calcular algunos parámetros relacionados con las contraseñas del archivo /etc/shadow. He buscado documentación y no he encontrado la manera de calcular manualmente dichos parámetros para sistemas linux. A continuación adjunto lo que he encontrado: ejemplo: cuenta-test:$1$DORWlFmM$4yhE.0olwWtHxFN5o/AR7.:13969:0:60:9::: 1 2 34 5 6 7 8 1. User name : It is your login name 2. Password: It your encrypted password. The password should be minimum 6-8 characters long including special characters/digits 3. Last password change (lastchanged): Days since Jan 1, 1970 that password was last changed 4. Minimum: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password 5. Maximum: The maximum number of days the password is valid (after that user is forced to change his/her password) 6. Warn : The number of days before password is to expire that user is warned that his/her password must be changed 7. Inactive : The number of days after password expires that account is disabled 8. Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used Me gustaría poder calcular manualmente desde el punto 3 hacia adelante. He probado con el comando $chage -l nombre_usuario y me entrega dicha información procesada para 1 usuario, pero necesito poder calcularla manualmente para muchos usuarios. También he probado con el comando $date -d @timestamp y me arroja algunos minutos algunas horas pero siempre en 1/1/1970. Bueno amigos gracias por leer. Saludos Cordiales -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] Mis disculpas por adelantado, pero no termino de entender qué es lo que necesitas. Veo que el formato se corrió, mil disculpas: Lo que necesito es poder calcular desde el punto 3 (13969 desde string de shadow), es decir cuando fue la última vez que la password se cambió, cuando expira, cuando se bloquea, etc. Gracias por el interes. Saludos cordiales -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Calcular paramertros de contraseña Timestamp /etc/shadow
El mié, 09-07-2008 a las 11:29 -0400, andres sarmiento escribió: El día 9 de julio de 2008 11:19, Abraham Pérez [EMAIL PROTECTED] escribió: 2008/7/9, andres sarmiento [EMAIL PROTECTED]: Estimados: Tengo una duda acerca de como calcular algunos parámetros relacionados con las contraseñas del archivo /etc/shadow. He buscado documentación y no he encontrado la manera de calcular manualmente dichos parámetros para sistemas linux. A continuación adjunto lo que he encontrado: ejemplo: cuenta-test:$1$DORWlFmM$4yhE.0olwWtHxFN5o/AR7.:13969:0:60:9::: 1 2 34 5 6 7 8 1. User name : It is your login name 2. Password: It your encrypted password. The password should be minimum 6-8 characters long including special characters/digits 3. Last password change (lastchanged): Days since Jan 1, 1970 that password was last changed 4. Minimum: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password 5. Maximum: The maximum number of days the password is valid (after that user is forced to change his/her password) 6. Warn : The number of days before password is to expire that user is warned that his/her password must be changed 7. Inactive : The number of days after password expires that account is disabled 8. Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used Me gustaría poder calcular manualmente desde el punto 3 hacia adelante. He probado con el comando $chage -l nombre_usuario y me entrega dicha información procesada para 1 usuario, pero necesito poder calcularla manualmente para muchos usuarios. También he probado con el comando $date -d @timestamp y me arroja algunos minutos algunas horas pero siempre en 1/1/1970. Bueno amigos gracias por leer. Saludos Cordiales Tirando un poco de python: #!/usr/bin/env python # -*- coding: UTF-8 -*- import time import sys try: f=open('/etc/shadow','r') data=f.readlines() f.close() except: print Can't read /etc/shadow, exec by root, please!! sys.exit(1) for line in data: user=line.strip().split(':') #print user if user[1] == '*' or user[1] == '!': #print User %s locked or with no pass%user[0] continue print User %s change passwd at '%s' \ %(user[0], time.ctime(int(user[2])*60*60*24) ) ### el último print te calcula la fecha (no los días) en la que la contraseña se cambió... sólo tienes que cambiar user[2] (lo que sería tu campo 3) para leer y hacer operaciones con el resto de campos. Saludos -- http://soleup.eup.uva.es/mariodebian signature.asc Description: Esta parte del mensaje está firmada digitalmente
Re: Calcular paramertros de contraseña Timestamp /etc/shadow
El Wed, 9 Jul 2008 11:29:26 -0400 andres sarmiento [EMAIL PROTECTED] escribió: El día 9 de julio de 2008 11:19, Abraham Pérez [EMAIL PROTECTED] escribió: 2008/7/9, andres sarmiento [EMAIL PROTECTED]: Estimados: Tengo una duda acerca de como calcular algunos parámetros relacionados con las contraseñas del archivo /etc/shadow. He buscado documentación y no he encontrado la manera de calcular manualmente dichos parámetros para sistemas linux. A continuación adjunto lo que he encontrado: ejemplo: cuenta-test:$1$DORWlFmM$4yhE.0olwWtHxFN5o/AR7.:13969:0:60:9::: 1 2 34 5 6 7 8 1. User name : It is your login name 2. Password: It your encrypted password. The password should be minimum 6-8 characters long including special characters/digits 3. Last password change (lastchanged): Days since Jan 1, 1970 that password was last changed 4. Minimum: The minimum number of days required between password changes i.e. the number of days left before the user is allowed to change his/her password 5. Maximum: The maximum number of days the password is valid (after that user is forced to change his/her password) 6. Warn : The number of days before password is to expire that user is warned that his/her password must be changed 7. Inactive : The number of days after password expires that account is disabled 8. Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no longer be used Me gustaría poder calcular manualmente desde el punto 3 hacia adelante. He probado con el comando $chage -l nombre_usuario y me entrega dicha información procesada para 1 usuario, pero necesito poder calcularla manualmente para muchos usuarios. También he probado con el comando $date -d @timestamp y me arroja algunos minutos algunas horas pero siempre en 1/1/1970. Bueno amigos gracias por leer. Saludos Cordiales -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] Mis disculpas por adelantado, pero no termino de entender qué es lo que necesitas. Veo que el formato se corrió, mil disculpas: Lo que necesito es poder calcular desde el punto 3 (13969 desde string de shadow), es decir cuando fue la última vez que la password se cambió, cuando expira, cuando se bloquea, etc. Gracias por el interes. Saludos cordiales Ese es el número de días que han pasado entre el 1 de enero de 1970 y la fecha en que cambiaste por última vez la contraseña. 1. Conviértelo a segundos 13969 días = 1206921600 s 2. usa date ~$ date -d @1206921600 lun mar 31 02:00:00 CEST 2008 y resulta que esa contraseña fue cambiada por última vez el 31 de marzo de 2008. Saludos. -- Manolo Díaz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: permission of shadow file and upgrade the kernel
Hi Doug Thank you But I saw most of linux are using 600 why is debian using 640? for the upgrade, could you give me more information? eg: steps to upgrade thank you --- Douglas Allan Tutty [EMAIL PROTECTED] wrote: On Mon, Apr 09, 2007 at 12:47:23PM -0700, ann kok wrote: Hi all why the permission of the shadow file in debian is 640? and how can I upgrade the kernel? eg: 686 kernel 1.What do you think the permissions of shadow should be? The only user who needs to read /etc/shadow is root, that is the whole point of having shadow passwords. 2.Assuming you're running etch, just install the linux-image meta package for your arch, it will always depend on the most recent version. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] The fish are biting. Get more visitors on your site using Yahoo! Search Marketing. http://searchmarketing.yahoo.com/arp/sponsoredsearch_v2.php -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: permission of shadow file and upgrade the kernel
On Tue, Apr 10, 2007 at 05:52:19AM -0700, ann kok wrote: --- Douglas Allan Tutty [EMAIL PROTECTED] wrote: On Mon, Apr 09, 2007 at 12:47:23PM -0700, ann kok wrote: why the permission of the shadow file in debian is 640? and how can I upgrade the kernel? eg: 686 kernel 1. What do you think the permissions of shadow should be? The only user who needs to read /etc/shadow is root, that is the whole point of having shadow passwords. 2. Assuming you're running etch, just install the linux-image meta package for your arch, it will always depend on the most recent version. But I saw most of linux are using 600 why is debian using 640? for the upgrade, could you give me more information? eg: steps to upgrade Re shadow: I think the best answer you've already received is that scripts that need to read shadow only (no write) don't need to run UID root but only GID root. It then makes more sense (more secure) to give shadow group-root read permissions. Re the kernel. Need more information. At what state is your box currently and to what state would you like it? Are you currenly running sarge and want to upgrade to etch? What kernel are you currently running? Have you read the Etch release notes? For each flavour of kernel, there exists what is called a meta-package who's job it is to depend on the most recent version of that flavour. As new versions become available, the kernel will show up as an upgradeable package in aptitude. Of course, kernel upgrades are the ones to be most careful with. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
permission of shadow file and upgrade the kernel
Hi all why the permission of the shadow file in debian is 640? and how can I upgrade the kernel? eg: 686 kernel Thank you Don't get soaked. Take a quick peek at the forecast with the Yahoo! Search weather shortcut. http://tools.search.yahoo.com/shortcuts/#loc_weather -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: permission of shadow file and upgrade the kernel
On Mon, Apr 09, 2007 at 12:47:23PM -0700, ann kok wrote: Hi all why the permission of the shadow file in debian is 640? and how can I upgrade the kernel? eg: 686 kernel 1. What do you think the permissions of shadow should be? The only user who needs to read /etc/shadow is root, that is the whole point of having shadow passwords. 2. Assuming you're running etch, just install the linux-image meta package for your arch, it will always depend on the most recent version. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: permission of shadow file and upgrade the kernel
Douglas Allan Tutty wrote: On Mon, Apr 09, 2007 at 12:47:23PM -0700, ann kok wrote: Hi all why the permission of the shadow file in debian is 640? ---deleted 1. What do you think the permissions of shadow should be? The only user who needs to read /etc/shadow is root, that is the whole point of having shadow passwords. ---deleted Doug. One might wonder why it isn't just 600, if the only user needing access is root? The answer may be in the permissions and owner/group: -rw-r- 1 root shadow It would appear there are (or could potentially be) tools that need to only read the file. Rather than make them set uid to root, which would give them rw permission, they are set gid so they have ro permission, which limits the damage they could potentially do. Bob smime.p7s Description: S/MIME Cryptographic Signature
Re: permission of shadow file and upgrade the kernel
On Mon, 2007-04-09 at 17:37 -0700, Bob McGowan wrote: [snip] One might wonder why it isn't just 600, if the only user needing access is root? The answer may be in the permissions and owner/group: -rw-r- 1 root shadow It would appear there are (or could potentially be) tools that need to only read the file. Rather than make them set uid to root, which would give them rw permission, they are set gid so they have ro permission, which limits the damage they could potentially do. You are correct. Things like authentication for various services are just one of many. -- greg, [EMAIL PROTECTED] Novell's Directory Services is a competitive product to Microsoft's Active Directory in much the same way that the Saturn V is a competitive product to those dinky little model rockets that kids light off down at the playfield. -- Thane Walkup -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Przeniesienie/zmiana nazwy plików passwd i shadow
Witam! Mam pytanie. Czy istnieje możliwość przeniesienia na stałe passwd i shadow do innego katalogu lub/i zmiana nazwy? Zapytałem pana google ale się nie spisał. Z góry dziękuję za odpowiedź. Pozdrowienia, Malkowitch a można wiedzieć po co ? Chcę utrudnić zdobyć pliku haseł. Symlink raczej odpada.---BeginMessage--- a można wiedzieć po co ? Dnia niedziela, 21 stycznia 2007 23:09, [EMAIL PROTECTED] napisał: Witam! Mam pytanie. Czy istnieje możliwość przeniesienia na stałe passwd i shadow do innego katalogu lub/i zmiana nazwy? Zapytałem pana google ale się nie spisał. Z góry dziękuję za odpowiedź. Pozdrowienia, Malkowitch -- Etch Debian User: PawelatWartandotorg kadu:3735326 Registered Linux User : 406139 |PLUG :1966491030 GnuPG | pub 1024D/2AAB159B Home Page: http://www.wartan.org ---End Message---
Re: Przeniesienie/zmiana nazwy plików passwd i shadow
= Dnia: poniedziałek, 22 stycznia 2007 16:37, [EMAIL PROTECTED] pisze: Witam! Mam pytanie. Czy istnieje możliwość przeniesienia na stałe passwd i shadow do innego katalogu lub/i zmiana nazwy? Zapytałem pana google ale się nie spisał. Z góry dziękuję za odpowiedź. Pozdrowienia, Malkowitch a można wiedzieć po co ? Chcę utrudnić zdobyć pliku haseł. Symlink raczej odpada. Wybacz, ale to chyba bez sensu. :) Przede wszystkim dlatego, że wiele miejsc w systemie i w narzędziach odwołuje się bezpośrednio do ścieżek /etc/{passwd,shadow,group,gshadow} itd. Jedyne sensowne wyjście to właśnie symlink. A tak (w twoim wypadku) to może i trzeba by robić nawet jakieś ręczne poprawki w jądrze lub/i w kilku narzędziach/bibliotekach... Poza tym całym zamieszaniem, skuteczność takiego postępowania (w celu zabezpieczenia systemu) jest rażąco niska... pzdr, jmb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Przeniesienie/zmiana nazwy plików passwd i shadow
Jaroslaw Bylina napisał(a): Przede wszystkim dlatego, że wiele miejsc w systemie i w narzędziach odwołuje się bezpośrednio do ścieżek /etc/{passwd,shadow,group,gshadow} itd. Jedyne sensowne wyjście to właśnie symlink. A tak (w twoim wypadku) to może i trzeba by robić nawet jakieś ręczne poprawki w jądrze lub/i w kilku narzędziach/bibliotekach... Akurat jądro guzik obchodzi co masz w /etc/whatever. Jądro interesują tylko UIDy. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Przeniesienie/zmiana nazwy plików passwd i shadow
Jak doniosły WSI, dnia Mon, 22 Jan 2007 00:09:48 +0100 [EMAIL PROTECTED] napisał(a): Witam! Mam pytanie. Czy istnieje możliwość przeniesienia na stałe passwd i shadow do innego katalogu lub/i zmiana nazwy? Zapytałem pana google ale się nie spisał. Z góry dziękuję za odpowiedź. Pozdrowienia, Malkowitch Witam ponownie, zapomniałem dodać, że passwd (i shadow) to nie tyle plik, co baza danych poczytaj na googlach o Name Service Switch (NSS). Myślę że nie jest możliwe zmiana nazwy/lokalizacji tego pliku. Jeśli jesteś hmmm... (samobójcą) to postaw sobie LDAP'a, wyedytuj nsswitch.conf, skonfiguruj pam_ldap i wykasuj passwd, shadow, groups, services itd. Pozdr. sm0q
Re: Przeniesienie/zmiana nazwy plików passwd i shadow
Jak doniosły WSI, dnia Mon, 22 Jan 2007 00:09:48 +0100 [EMAIL PROTECTED] napisał(a): Witam! Mam pytanie. Czy istnieje możliwość przeniesienia na stałe passwd i shadow do innego katalogu lub/i zmiana nazwy? Zapytałem pana google ale się nie spisał. Z góry dziękuję za odpowiedź. Pozdrowienia, Malkowitch Witaj :) Hmm... Security by obscurity... to nie security Przepraszam że nie na temat, ale IMHO raczej zainteresuj się grsecurity, selinux'em, ACL'ami, chroot'em itp., a nie staraj się udziwnić konfiguracji na siłę. Jeśli boisz sie cgi - to mod_security itd,itd,itd Pozdr, sm0q
Przeniesienie/zmiana nazwy plików passwd i shadow
Witam! Mam pytanie. Czy istnieje możliwość przeniesienia na stałe passwd i shadow do innego katalogu lub/i zmiana nazwy? Zapytałem pana google ale się nie spisał. Z góry dziękuję za odpowiedź. Pozdrowienia, Malkowitch
Re: Przeniesienie/zmiana nazwy plików passwd i shadow
On Mon, 2007-01-22 at 00:09 +0100, [EMAIL PROTECTED] wrote: Mam pytanie. Czy istnieje możliwość przeniesienia na stałe passwd i shadow do innego katalogu lub/i zmiana nazwy? Zapytałem pana google ale się nie spisał. Zrobić symlink? Pozdrawiam, Adam -- Adam Byrtek / Alpha Każdy ideał w ciele jest trywialny - prawdy algebraiczne
Re: passwd + shadow + smbpasswd = ldap
Thorsten Schmidt schrieb: zur Zeit suche ich ein Tool, das in der Lage ist, eine alte Accountdatenbank die aus den Dateien passwd,shadow,smbpasswd besteht nach ldap zu migrieren. Die smbldap-tools können dies anscheinend mit unix-Accounts machen. Dies reicht aber leider nicht. Zudem können sie sogn. pwdump Accounts importieren - um was handelt es sich hier eigentlich? Wisst ihr evtl. wie ich am besten meine alten Daten migriere? Vielleicht hilft dir ja das hier weiter: http://de.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#pdbeditthing Habt das tool noch nie benutzt, aber laut Beschreibung kann es dir vielleicht weiterhelfen. Grüße Marc -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject unsubscribe. Probleme? Mail an [EMAIL PROTECTED] (engl)
Re: passwd + shadow + smbpasswd = ldap
Thorsten Schmidt wrote: zur Zeit suche ich ein Tool, das in der Lage ist, eine alte Accountdatenbank die aus den Dateien passwd,shadow,smbpasswd besteht nach ldap zu migrieren. Die smbldap-tools können dies anscheinend mit unix-Accounts machen. Hmm, ich dachte die wären nur zur Verwalten der Accounts. Dies reicht aber leider nicht. Zudem können sie sogn. pwdump Accounts importieren - um was handelt es sich hier eigentlich? Ein Programm, um die Passwörter aus der Registry zu extrahieren. Schau dir mal http://us1.samba.org/samba/ftp/pwdump/README an. Wisst ihr evtl. wie ich am besten meine alten Daten migriere? Mit den migrationtools (apt-cache show migrationtools;) HTH und Gruß, Michel -- -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject unsubscribe. Probleme? Mail an [EMAIL PROTECTED] (engl)
passwd + shadow + smbpasswd = ldap
Hallo, zur Zeit suche ich ein Tool, das in der Lage ist, eine alte Accountdatenbank die aus den Dateien passwd,shadow,smbpasswd besteht nach ldap zu migrieren. Die smbldap-tools können dies anscheinend mit unix-Accounts machen. Dies reicht aber leider nicht. Zudem können sie sogn. pwdump Accounts importieren - um was handelt es sich hier eigentlich? Wisst ihr evtl. wie ich am besten meine alten Daten migriere? Bis dene Thorsten
How to create shadow passwords manually.........
My Etch installer doesn't finish the installation, so i have to just reboot, and create my own passwords and such from the shell, and a few other things by hand. But these are in /etc/passwd There is no /etc/shadow file. Apart from creating the /etc/shadow file, how do i create shadow passwords? TIA Charlie -- Registered Linux User:- 329524 +++ If a man constantly aspires is he not elevated? ...Henry David Thoreau Linux Debian Etch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to create shadow passwords manually.........
On Mon, Sep 25, 2006 at 08:21:30PM +1000, M-L wrote: But these are in /etc/passwd There is no /etc/shadow file. Apart from creating the /etc/shadow file, how do i create shadow passwords? /sbin/shadowconfig on Steve -- Debian GNU/Linux System Administration http://www.debian-administration.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Forced to edit shadow group file manually in Etch
Hi, I switched over from Sarge to Etch. And I get the message below when I edit the group file. # vigr You have modified /etc/group. You may need to modify /etc/gshadow for consistency. Please use the command `vigr -s' to do so. It never used to happen in Sarge. Could some one point out what I am missing? How can I automate the shadow file modification? Thank you so much Kind Regards Siju -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to create shadow passwords manually.........
On Monday 25 September 2006 20:40, Steve Kemp wrote: But these are in /etc/passwd There is no /etc/shadow file. Apart from creating the /etc/shadow file, how do i create shadow passwords? /sbin/shadowconfig on Thanks Steve. -- Registered Linux User:- 329524 +++ I have been reading your Descartes. Very interesting. I think, therefore I am. He forgot to mention the other part. I'm sure he knew, he just forgot: I don't think, therefore I'm not. --- KATAGIRI ROSHI *** Debian Etch ___
SHADOW
Pessoal, Estava instalando uma máquina AMD64 através do DFS e me deparei com um problemão: ELE NÃO HABILITOU O USO DO SHADOW Alguém sabe me informar como eu faço para habilitar o shadow? Desde já agradeço a atenção de todos. Abraços, Roberth. Message sent using UebiMiau 2.7 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
SHADOW
Pessoal, Estava instalando uma máquina AMD64 através do DFS e me deparei com um problemão: ELE NÃO HABILITOU O USO DO SHADOW Alguém sabe me informar como eu faço para habilitar o shadow? Desde já agradeço a atenção de todos. Abraços, Roberth. Message sent using UebiMiau 2.7 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: SHADOW
Pessoal, Resolvi o problema. É só utilizar o comando shadowconfig on | off para ativar ou desativar o uso do shadow. Abraços, Roberth. - Mensagem Original De: Internauta [EMAIL PROTECTED] Para: debian-user-portuguese@lists.debian.org debian-user-portuguese@lists.debian.org Assunto: SHADOW Data: 05/05/06 17:07 Pessoal, Estava instalando uma máquina AMD64 através do DFS e me deparei com um problemão: ELE NÃO HABILITOU O USO DO SHADOW Alguém sabe me informar como eu faço para habilitar o shadow? Desde já agradeço a atenção de todos. Abraços, Roberth. Message sent using UebiMiau 2.7 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of quot;unsubscribequot;. Trouble? Contact [EMAIL PROTECTED] Message sent using UebiMiau 2.7 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Précision sur /etc/shadow
Bonjour, J'aimerais avoir une précision sur le fichier /etc/shadow Dedans se trouve les mots de passe utilisateurs. Pour certains utilisateurs je souhaite qu'ils soit désactivés. nom_user:*:13241:0:9:7::: Donc là mon compte est désactivé grâce à l'étoile. Mais pour certains utilisateurs j'ai des ! Quelle est la différence entre * et ! ? Merci
Re: Précision sur /etc/shadow
Le Lundi, 3 Avril 2006 09.59, [EMAIL PROTECTED] a écrit : Bonjour, bonjour, J'aimerais avoir une précision sur le fichier /etc/shadow Dedans se trouve les mots de passe utilisateurs. Pour certains utilisateurs je souhaite qu'ils soit désactivés. nom_user:*:13241:0:9:7::: Donc là mon compte est désactivé grâce à l'étoile. Mais pour certains utilisateurs j'ai des ! Quelle est la différence entre * et ! ? dans man shadow on lit : Si le champ du mot de passe contient une chaîne qui ne peut pas être un résultat valable de crypt(3), par exemple si elle contient les caractères ! ou *, alors l'utilisateur ne pourra pas utiliser son mot de passe UNIX pour se connecter. Ceci peut dépendre de pam(7). Merci bonne journée -- steve jabber : [EMAIL PROTECTED]
convertir un hash MD5 php/ldap en un hash pour /etc/shadow
Bonjour j'ai une question : j'ai les mdp des utilisateurs codé en MD5 dans une table MySQL (un hash sur 32 octets) et aussi dans un annuaire LDAP, je ne connais pas leur mdp clair. Je souhaite pouvoir utiliser leur mot de passe existant pour créer des comptes unix locaux sur un serveur sans passer par une auth. centralisée PAM+LDAP, juste par le classique /etc/shadow. mon idée est de recopier leur mdp officiel dans le /etc/shadow du serveur Savez-vous comment je pourrai faire pour convertir un hash MD5 sur 32 octets, généré avec la fonction md5() de PHP, ou alors une valeur md5 LDAP en un hash compatible avec le champ password de /etc/shadow ? Ca concerne qu'une petite dizaine de compte sur un serveur à part donc pas envie (surtout ni le temps...) de m'embeter avec l'artillerie lourde pam+ldap pour cela. Merci d'avance -- Arnaud -- Pensez à lire la FAQ de la liste avant de poser une question : http://wiki.debian.net/?DebianFrench Pensez à rajouter le mot ``spam'' dans vos champs From et Reply-To: To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: OT duda con /etc/shadow
Le Samedi 11 Mars 2006 17:41, Ricardo Marcelo Alvarez a écrit : Hola hace poco hubo una discusion en la lista sobre como borrar un passwd, alguien habia preguntado como borrar, la cuestion es que yo pensaba que con passwd -l usuario se le borraba, con ese comando en /etc/shadow donde iria el password encriptado pone !, no encontre un comando que ponga *, leyendo el man de shadow dice que es equivalente que haya un ! o un * Es esto asi o existe alguna diferencia. Hola, bueno te hago un resumen de como creo que funciona (puedo estar equivocado o no ;). En /etc/passwd como creo que ya sabrás en el campo contraseña hay una x que indica que el campo de contraseña se encuentra en /etc/shadow (aunque sistemas que no tengan el sistema shadow la tendrán ahí la pass). En /etc/shadow, si tienes el campo de la contraseña con valor * significa, cuenta deshabilitada. Y si tiene un valor ! significa que será imposible logearse con esa cuenta pues ninguna cadena (cualquier password que se intente usar) nunca podrá dar un valor que empiece por !. (para esta encriptación, man crypt, por si quieres saber como se hace) Es decir, resumiendo: * es deshabilitada ! es deshabilitada puesto que no existe cadena que pueda dar ! en su codificación Dos formas de hacer lo mismo. salu2
Re: OT duda con /etc/shadow
Le Samedi 11 Mars 2006 17:41, Ricardo Marcelo Alvarez a écrit : Hola hace poco hubo una discusion en la lista sobre como borrar un passwd, alguien habia preguntado como borrar, la cuestion es que yo pensaba que con passwd -l usuario se le borraba, con ese comando en /etc/shadow donde iria el password encriptado pone !, no encontre un comando que ponga *, leyendo el man de shadow dice que es equivalente que haya un ! o un * Es esto asi o existe alguna diferencia. Buenas, no te lo puede decir con certeza, pero me parece haber leído en una revista (hace unos 7 años ya) que para bloquear la cuenta de un usuario, el administrador tenía que poner un * en la línea del usuario. Quizas que antes la orden passwd (igual que usermod) agregaba un * y que ahorra lo pone un ! Y que es por razón de compatibilidad que han guardado los dos. Salu2 -- Claude Micouin [EMAIL PROTECTED] http://astuce.linux.free.fr Por favor, no adjunte documentos en formatos doc o ppt, sino en algún formato estándar como html, pdf, rtf o txt. Gracias. Cf: http://www.gnu.org/philosophy/no-word-attachments.es.html
OT duda con /etc/shadow
Hola hace poco hubo una discusion en la lista sobre como borrar un passwd, alguien habia preguntado como borrar, la cuestion es que yo pensaba que con passwd -l usuario se le borraba, con ese comando en /etc/shadow donde iria el password encriptado pone !, no encontre un comando que ponga *, leyendo el man de shadow dice que es equivalente que haya un ! o un * Es esto asi o existe alguna diferencia. Saludos. man shadow SHADOW(5) SHADOW(5) NAME shadow - encrypted password file DESCRIPTION shadow contains the encrypted password information for user's accounts and optional the password aging information. Included is Login name Encrypted password Days since Jan 1, 1970 that password was last changed Days before password may be changed Days after which password must be changed Days before password is to expire that user is warned Days after password expires that account is disabled Days since Jan 1, 1970 that account is disabled A reserved field The password field must be filled. The encryped password consists of 13 to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 thru 9, . and /. Refer to crypt(3) for details on how this string is interpreted. If the password field contains some string that is not valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in, subject to pam(7). The date of the last password change is given as the number of days since Jan 1, 1970. The password may not be changed again until the proper number of days have passed, and must be changed after the maximum number of days. If the minimum number of days required is greater than the maximum number of day allowed, this password may not be changed by the user. An account is considered to be inactive and is disabled if the password is not changed within the specified number of days after the password expires. An account will also be disabled on the speci- fied day regardless of other password expiration information. This information supercedes any password or password age information present in /etc/passwd. This file must not be readable by regular users if password security is to be maintained. FILES /etc/passwd - user account information /etc/shadow - encrypted user passwords SEE ALSO chage(1), login(1), passwd(1), su(1), passwd(5), pwconv(8), pwunconv(8), sulogin(8) AUTHOR Julianne Frances Haugh ([EMAIL PROTECTED]) pgpS4lMSoUUXh.pgp Description: PGP signature
shadow file and two root directories for apache2
Hi,I am having one more question we are having one live webserver with apache 1.X and in this we are having default root document directory but only one website they are using different webroot directory how do we menction for this one website for different root directory which file we need to edit and where to menction this. We are planning to migrate from redhat webserver to debian webserver with apache 2.x and i am planning to copy the existing shadow password file from redhat machine to debian machine.It will work without any problem in debian with the same user names and passwords otherwise i need to do any other thing.Thanks for your help Yahoo! for Good Click here to donate to the Hurricane Katrina relief effort.
Re: mcrypt = md5-passwö rter (/etc/shadow)
Moin Michelle! Michelle Konzack schrieb am Samstag, den 03. September 2005: Hallo *, weis jemand wie man md5 passwörter generiert, die mit /etc/shadow funktionieren ? Zudem noch STDIN/STDOUT akzeptiert ? man mkpasswd Eduard. -- Alfie *prust* Alfie #, fuzzy Alfie msgid Failed Alfie msgstr Weiblich -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject unsubscribe. Probleme? Mail an [EMAIL PROTECTED] (engl)
[SOLVED] Re: mcrypt = md5- passwörte r (/etc/shadow)
Hi Leute, habe über die php-general zwei Codeschnipsel bekommen, wie man mit md5() und crypt() passwörter generieren kann und auch überprüfen... Problem ist also gelößt, - und ich muß nicht zu solchen dubiosen nicht PHP Sachen wie exec() greiden. Zur zeit habe ich nicht soviel Zeit, wede aber die codeschnipsel auf meiner PHP Seite ablegen. http://devel.debian.tamay-dogan.homelinux.net/php/ Grüße Michelle Am 2005-09-03 10:36:32, schrieb Michelle Konzack: Hallo *, weis jemand wie man md5 passwörter generiert, die mit /etc/shadow funktionieren ? Zudem noch STDIN/STDOUT akzeptiert ? echo -n blubberblah |mcrypt --quiet --force --bare \ --keymode s2k-isalted-md5 \ --algorithm sollte nach Auskunft eines Listenteilnehmers funktionieren, geht aber trotzdem nicht. Für die habe ich schon alles ausprobiert was verfügbar war genauso wie s2k-salted-md5 Ich bekomme immer ein Key transformation failed. Schönes Wochenende Michelle - END OF REPLYED MESSAGE - -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/3/8845235667100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
mcrypt = md5-passwörte r (/etc/shadow)
Hallo *, weis jemand wie man md5 passwörter generiert, die mit /etc/shadow funktionieren ? Zudem noch STDIN/STDOUT akzeptiert ? echo -n blubberblah |mcrypt --quiet --force --bare \ --keymode s2k-isalted-md5 \ --algorithm sollte nach Auskunft eines Listenteilnehmers funktionieren, geht aber trotzdem nicht. Für die habe ich schon alles ausprobiert was verfügbar war genauso wie s2k-salted-md5 Ich bekomme immer ein Key transformation failed. Schönes Wochenende Michelle -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/3/8845235667100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature
Re: mcrypt = md5-passwörter (/etc/shadow)
Am Samstag 03 September 2005 10:36 schrieb Michelle Konzack: weis jemand wie man md5 passwörter generiert, die mit /etc/shadow funktionieren ? Zudem noch STDIN/STDOUT akzeptiert ? Vielleicht hilft Dir man 3 crypt, aber vermutlich bist Du da ja schon selber drauf gestoßen. Gruß Chris -- A: because it distrupts the normal process of thought Q: why is top posting frowned upon
/etc/shadow-Acil
İyi günler arşağıda iki farklı debian sisteminin /etc/shadow dosyalarının içeriği gözükmekte. Benim sorum ikisi de MD-5 algoritmasına göre şifrelenmesine rağmen şifreler neden farklı formatta ve ikinci biçimde olan şifreyi ilk biçime çevirmek için yapabileceğim herhangi bir işlem mevcutmudur. Yardımlarınız için şimdiden teşekkür ederim...İyi çalışmalar. alituz:$1$JuI5WWY9$lzV4Dgh8psCrMQtP7ECu10:13026:0:9:7::: velituz::yW6MjAqMZnoXU:12759:: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
/etc/shadow et /etc/passwd
Bonjour! question rapide, et qui risque d'être stupide.. j'ai un fichier /etc/passwd qui contient également les mots de passes des users. je voudrais bien pouvoir en générer un /etc/shadow correspondant.. quelqu'un aurait une idée comment faire? merci! Jay Ar ___ Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger Téléchargez cette version sur http://fr.messenger.yahoo.com -- Pensez à lire la FAQ de la liste avant de poser une question : http://wiki.debian.net/?DebianFrench Pensez à rajouter le mot ``spam'' dans vos champs From et Reply-To: To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: /etc/shadow et /etc/passwd
* Jay Ar [EMAIL PROTECTED] [2005-08-10 14:54] : Bonjour! question rapide, et qui risque d'être stupide.. j'ai un fichier /etc/passwd qui contient également les mots de passes des users. je voudrais bien pouvoir en générer un /etc/shadow correspondant.. quelqu'un aurait une idée comment faire? Utilise pwconv du paquet passwd. Fred -- Comment poser les questions de manière intelligente ? http://www.gnurou.org/documents/smart-questions-fr.html Comment signaler efficacement un bug ? http://www.chiark.greenend.org.uk/~sgtatham/bugs-fr.html -- Pensez à lire la FAQ de la liste avant de poser une question : http://wiki.debian.net/?DebianFrench Pensez à rajouter le mot ``spam'' dans vos champs From et Reply-To: To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: PASSWD, SHADOW e SMBPASSWD
Marcos V Lazarini wrote: Gustavo V. Goulart wrote: Olá Lista, Estou atualizando meus servidores e preferi reinstalar meu servidor de arquivos, fiz backup dos arquivos passwd, shadow, group e de todo o diretório /etc/samba. Copiei somente meus usuários cadastrados nos arquivos passwd e shadow para os novos arquivos /etc/passwd e shadow. Agora não consigo mais logar com meus usuários no servidor, acho q o formato dos arquivos mudaram. Como posso recuperar meus usuários sem ter q recadastrar todas as senhas novamente ??? Olha, eu já fiz isso várias vezes e nunca deu problema. Será que não está havendo conflito de UID/GID? Tenta criar um usuário novo e veja o formato que ele usa (comando adduser) Não tem conflito, meus usuários estão do UID 1002 ao 1050 e todos no GID 100. O fomato é igualzinho, ta sinistro rs O samba do sarge tbm mudou, agora eu não uso mais o /etc/samba/smbpasswd. Como migrar esse meu banco de senhas para o novo padrão do samba 3 sem ter q mexer na configuracão do samba ? Bom, isso na verdade vc pode escolher em algum lugar. Alguns usam o smbpasswd. Outros usam um tal de banco de dados samba (já nao me lembro mais o nome); mas tenho certeza que no site do samba há uma explicação para a migração de um sistema ou outro. Por acaso, se vc fizer um dpkg-reconfigure samba eu acho que ele pergunta se vc quer usar o smbpasswd ou o outro método. Já usei o dpkg-reconfigure, ele só da a opcão de usar esse tal banco do samba, mais isso eu já resolvi, vc pode usar um parâmetro no smb.conf para dizer onde estão as senhas. Obrigado Marcos ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: PASSWD, SHADOW e SMBPASSWD
Gustavo V. Goulart wrote: Marcos V Lazarini wrote: Gustavo V. Goulart wrote: Olá Lista, Estou atualizando meus servidores e preferi reinstalar meu servidor de arquivos, fiz backup dos arquivos passwd, shadow, group e de todo o diretório /etc/samba. Copiei somente meus usuários cadastrados nos arquivos passwd e shadow para os novos arquivos /etc/passwd e shadow. Agora não consigo mais logar com meus usuários no servidor, acho q o formato dos arquivos mudaram. Como posso recuperar meus usuários sem ter q recadastrar todas as senhas novamente ??? Olha, eu já fiz isso várias vezes e nunca deu problema. Será que não está havendo conflito de UID/GID? Tenta criar um usuário novo e veja o formato que ele usa (comando adduser) Não tem conflito, meus usuários estão do UID 1002 ao 1050 e todos no GID 100. O fomato é igualzinho, ta sinistro rs Observe que se vc digitou um caracter errado (trocou o : por ;) ou esqueceu de algum : nesses arquivos, ele ignora silenciosamente - e é uma droga achar o erro. Outra coisa: vc não estaria usando o NIS? cd /var/yp make -- Marcos -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
PASSWD, SHADOW e SMBPASSWD
Olá Lista, Estou atualizando meus servidores e preferi reinstalar meu servidor de arquivos, fiz backup dos arquivos passwd, shadow, group e de todo o diretório /etc/samba. Copiei somente meus usuários cadastrados nos arquivos passwd e shadow para os novos arquivos /etc/passwd e shadow. Agora não consigo mais logar com meus usuários no servidor, acho q o formato dos arquivos mudaram. Como posso recuperar meus usuários sem ter q recadastrar todas as senhas novamente ??? O samba do sarge tbm mudou, agora eu não uso mais o /etc/samba/smbpasswd. Como migrar esse meu banco de senhas para o novo padrão do samba 3 sem ter q mexer na configuracão do samba ? Valeu lista ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: PASSWD, SHADOW e SMBPASSWD
Gustavo V. Goulart wrote: Olá Lista, Estou atualizando meus servidores e preferi reinstalar meu servidor de arquivos, fiz backup dos arquivos passwd, shadow, group e de todo o diretório /etc/samba. Copiei somente meus usuários cadastrados nos arquivos passwd e shadow para os novos arquivos /etc/passwd e shadow. Agora não consigo mais logar com meus usuários no servidor, acho q o formato dos arquivos mudaram. Como posso recuperar meus usuários sem ter q recadastrar todas as senhas novamente ??? Olha, eu já fiz isso várias vezes e nunca deu problema. Será que não está havendo conflito de UID/GID? Tenta criar um usuário novo e veja o formato que ele usa (comando adduser) O samba do sarge tbm mudou, agora eu não uso mais o /etc/samba/smbpasswd. Como migrar esse meu banco de senhas para o novo padrão do samba 3 sem ter q mexer na configuracão do samba ? Bom, isso na verdade vc pode escolher em algum lugar. Alguns usam o smbpasswd. Outros usam um tal de banco de dados samba (já nao me lembro mais o nome); mas tenho certeza que no site do samba há uma explicação para a migração de um sistema ou outro. Por acaso, se vc fizer um dpkg-reconfigure samba eu acho que ele pergunta se vc quer usar o smbpasswd ou o outro método. -- Marcos -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Shadow...
On Sunday 06 of March 2005 00:13, HaflingeR wrote: Instalowalem na serwerze woodego i jakos tak sie stalo ze nie mam hasel w plikui /etc/shadow lecz w /etc/passwd. Tzn. w ogole nie mam pliku /etc/shadow :/ Jak to naprawic? :) dpkg-reconfigure passwd? Pozdrawiam, -- Piotr Figiel http://psychodelic.org/~feeg -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Cypted (UNIX/md5) Passwörter in /etc/shadow und GUI
Hallo, da ich derzeit im Krankenhaus bin habe ich mir vorgenommen ein paar meiner Tools und Scripte upzudaten wobei ich bei meinem 'tduseradmin' auf ein Problem gestoßen bin. Ich habe ein Script verloren, mit dem ich normale UNIX-Passwörter, bzw, md5-Passwörter generieren kann. Kann mir hier jemand weiterhelfen ? Mit 'mcrypt geht es irgendwie nicht... Greetings Michelle -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ Michelle Konzack Apt. 917 ICQ #328449886 50, rue de Soultz MSM LinuxMichi 0033/3/8845235667100 Strasbourg/France IRC #Debian (irc.icq.com) signature.pgp Description: Digital signature