HPE Community
Operating System - HP-UX
1837623 Members
3470 Online
110117 Solutions
New Discussion

Re: problem about shadow passwords

 
SOLVED
Go to solution
lin.chen
Frequent Advisor

‎11-15-2006 03:13 AM

‎11-15-2006 03:13 AM

problem about shadow passwords

Could you tell me what is shadow password?
Does it has any difference with /etc/passwd?
thanks!
0 Kudos
Reply
4 REPLIES 4
Romanek
Advisor

‎11-15-2006 03:20 AM

‎11-15-2006 03:20 AM

Solution

Re: problem about shadow passwords

Shadow password takes your password from /etc/password and stores it in another location, usually /etc/shadow. This folder usually has stronger permissions so not everyone can view it. The problem is hackers can run crack utilities on /etc/password to obtain your password. If youâ re looking for greater security you may want to consider running your server in trusted mode. Please see docs bellow

Trusted:
http://docs.hp.com/en/B2355-90121/ch01s04.html

Shadow:
http://docs.hp.com/en/5187-0701/ch08s10.html
You can have my UNIX server when you pry it from my cold dead fingers
Reply
A. Clay Stephenson
Acclaimed Contributor

‎11-15-2006 03:21 AM

‎11-15-2006 03:21 AM

Re: problem about shadow passwords

Unix does not store encrypted passwords but rather password hashes. This means that then cannot be decrypted because the hashing process is not reversible,. However, a guessing attack can succeed. You passwd your guess through the normal crypt() function and if the output matches the stored password hash, you guessed correctly. In a traditional password file which is readable by everyone, the password hash is simply a field in that file -- so anyone could apply a password guessing attack and have a value that could be compared. In a shadowed system, the password hash is moved out to another file that is only readable by root and the original hash field is replaced with '*'.
If it ain't broke, I can fix that.
Reply
Romanek
Advisor

‎11-15-2006 03:21 AM

‎11-15-2006 03:21 AM

Re: problem about shadow passwords

sorry that should of been /etc/passwd.
You can have my UNIX server when you pry it from my cold dead fingers
Reply
Pete Randall
Outstanding Contributor

‎11-15-2006 03:22 AM

‎11-15-2006 03:22 AM

Re: problem about shadow passwords

More information available here:

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ShadowPassword


Pete

Pete
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.