Operating System - HP-UX
1830888 Members
1469 Online
110017 Solutions
New Discussion

finding forgotten user passwords

 
SOLVED
Go to solution
Mark Vollmers
Esteemed Contributor

finding forgotten user passwords

I have a user that logs on to our Unix server very rarely. He has forgotten his password. I have looked under the /etc/password file, and it is encrypted, and I cannot find a shadow file if one exists (it is not in the /etc folder). Is there a way to log in as root and see the password, or do I need to create a new one through SAM?
"We apologize for the inconvience" -God's last message to all creation, from Douglas Adams "So Long and Thanks for all the Fish"
6 REPLIES 6
Kofi ARTHIABAH
Honored Contributor

Re: finding forgotten user passwords

As they say, you are out of luck! You will have to create a new one.

Login as root, and execute

passwd username

Cheers,

Kofi
nothing wrong with me that a few lines of code cannot fix!
Rick Garland
Honored Contributor

Re: finding forgotten user passwords

Even though the root account can become any other user and do as he/she may please, the root account does not know the passwds. Will have to dish out another passwd.
Ralph Grothe
Honored Contributor
Solution

Re: finding forgotten user passwords

Another, not guaranteed to work, approach could be to run a password cracker like crack.
But to succeed this requires the user with the forgotten password to have chosen a poor password.
Simplifying, this comes near to a brute force method where entries in dictionaries are encrypted using Unix's crypt function and compared against the encrypted string in the 2nd field of /etc/passwd until a match is found.
So the success very much depends on what dictionary libs you are using (preferably those with respect to your locales, language/naming habits etc.)
If you are administering a system with many users who you suspect to lack password conscientiousness it is a good habit to run crack over your passwd or shadow file on a regular basis to sort out weak passwords.

For futher details have a look at

http://ftp.cs.umt.edu/u/wright/494/unixcrack.html

Madness, thy name is system administration
Pepe Jimenez Muñoz
Frequent Advisor

Re: finding forgotten user passwords

Hi

if you have a trusted system in /tcb/files/auth there are the directories containing one file per user. Inside you see the password.

ppviso
Suhas_2
Regular Advisor

Re: finding forgotten user passwords

Mark,
In unix there is no way to see the passwd of a user. You will have to regenerate the passwd for the user using "passwd "

Pepe Jimeneze,
Even trusted systems, where you have /tcb/files/auth...filesystem,
no one can see the passwd of the user. There are separate files
per user, but they contain additional information about the user and
ENCRYPTED passwd.
a typical entry in /tcb/files/auth/?/???? will look like:

sysadm:u_name=sysadm:u_id#203:
:u_pwd=jcZTP10dOfIdE:
:u_auditid#10:
:u_auditflag#1:
:u_minchg#0:u_exp#0:u_succhg#967550177:u_pswduser=sysadm:
:u_suclog#968314244:u_suctty=ttyp4:u_unsuclog#968314240:u_unsuctty=ttyp4:
:u_lock@:chkent:

Hence the best way is to give the user a new passwd..and later ask him to change it himself.

Hope this helps...
Suhas...
Never say "Die"
Mark Vollmers
Esteemed Contributor

Re: finding forgotten user passwords

thanks a lot for the info. It really helped.
"We apologize for the inconvience" -God's last message to all creation, from Douglas Adams "So Long and Thanks for all the Fish"