[plug] re: shadow password

Ian Kent ian.kent at pobox.com
Fri Jul 23 22:32:49 WST 1999



"Jon L. Miller" wrote:
> 
> Okay, I'm pass the editing bit go a good grip on that, I'm now trying to understand what and how shadow works.  I understand in the passwd file you can insert an "x" for the password and this would refer to another file and this file is encrypted (eg the password).  However if the passwd command isn't changing the passwords for the users can I just straight edit the /etc/shadow file with the correct password.  I see the file is r/o is there a way to get around this?  I also noticed that some of the users in the /etc/passwd file are not present in the /etc/shadow file.  What's up with this?
> Trying to get to the source of my problem.
> 

man 5 passwd
man 5 shadow

The password file must be readable by everyone, and so is open to
dictionary attack by anyone who can login. The shadow file was
introduced to hide the crypted password info and is not readable by
anyone except root.

--
   ,-._|\    Ian Kent
  /      \   Perth, Western Australia
  *_.--._/   E-mail: ian.kent at pobox.com
        v    Web: http://pobox.com/~ian.kent


More information about the plug mailing list