Re: password hash in shadow file

On 13/03/18 09:47 AM, to...@tuxteam.de wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 05:25:18PM +0100, Sven Hartge wrote: Adam Weremczuk wrote: I think it was me invoking "passwd" as root and aborting (ctrl+D) without making any

Re: password hash in shadow file

On 14/03/18 09:20, to...@tuxteam.de wrote: > On Tue, Mar 13, 2018 at 07:36:19PM +0100, Sven Hartge wrote: > >> But on that note: I wonder of one could create a PAM module which will >> do just that on successful login. Once you *know* you have the right >> password (and the PAM system has that

Re: password hash in shadow file

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 07:36:19PM +0100, Sven Hartge wrote: > to...@tuxteam.de wrote: [...] > > Well, to be fair, the change to SHA-1 is because you can "reverse" MD5 > > all too easily > > Yes, basically. > > > But I don't think your operating

Re: password hash in shadow file

to...@tuxteam.de wrote: > On Tue, Mar 13, 2018 at 05:25:18PM +0100, Sven Hartge wrote: >> Adam Weremczuk wrote: >>> I think it was me invoking "passwd" as root and aborting (ctrl+D) >>> without making any changes. Would that be enough to update the >>> shadow file? >>

Re: password hash in shadow file

On Tue 13 Mar 2018 at 15:18:35 (+), Adam Weremczuk wrote: > Hi all, > > I've just spotted that on one of my old wheezy servers root entry in > /etc/shadow was updated just over 3 weeks ago. Take a look at the end of a file and see if a new user/system account has been added recently when you

Re: password hash in shadow file

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 05:25:18PM +0100, Sven Hartge wrote: > Adam Weremczuk wrote: > > > I think it was me invoking "passwd" as root and aborting (ctrl+D) > > without making any changes. Would that be enough to update the

Re: password hash in shadow file

Quite possibly I changed it to the same password. Not sure now as it was almost a month ago but can't find any better explanation. Of course hashes are meant to be irreversible. I guess I'm trying to catch my own shadow ;) On 13/03/18 16:19, to...@tuxteam.de wrote: Still strange. Are you

Re: password hash in shadow file

Adam Weremczuk wrote: > I think it was me invoking "passwd" as root and aborting (ctrl+D) > without making any changes. Would that be enough to update the shadow > file? No. You can't reverse a hash and to generate a new hash the code needs the password for the user

Re: password hash in shadow file

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 04:01:52PM +, Adam Weremczuk wrote: > I think it was me invoking "passwd" as root and aborting (ctrl+D) > without making any changes. > Would that be enough to update the shadow file? Hm. That depends on which point you

Re: password hash in shadow file

I think it was me invoking "passwd" as root and aborting (ctrl+D) without making any changes. Would that be enough to update the shadow file? On 13/03/18 15:47, to...@tuxteam.de wrote: What I don't understand is how the system changed the hashing method without getting you involved. You don't

Re: password hash in shadow file

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 13, 2018 at 03:18:35PM +, Adam Weremczuk wrote: > Hi all, > > I've just spotted that on one of my old wheezy servers root entry in > /etc/shadow was updated just over 3 weeks ago. > > The root password is still the same and the

password hash in shadow file

Hi all, I've just spotted that on one of my old wheezy servers root entry in /etc/shadow was updated just over 3 weeks ago. The root password is still the same and the lastchanged count is much higher than 3 weeks. The difference I've noticed is the hashed password string being much