| View previous topic :: View next topic |
| Author |
Message |
dpaddy
Tux's lil' helper
Joined: 25 Jun 2008
Posts: 142
|
 Posted: Thu Aug 31, 2017 3:48 pm Post subject: [SOLVED] manually hash passwords |
 |
|
I am root, and know what plaintext password was used for user foo.
Given that information, how can I manually create the entry for user foo that I find in /etc/shadow?
At this point I appreciate the fact that various files can influence how the entry for user foo in /etc/shadow is created.
But what files do I look at, what information do I extract from those files (and how), and then how do I use the information obtained together with knowledge of the plaintext password used for user foo to obtain the entry for user foo that I find in /etc/shadow?
I have seen https://forums.gentoo.org/viewtopic-t-677261-highlight-openssl+passwd.html but can't make things work.
What I find in /etc/shadow is
foo:$1$5xo...:17407:0:99999:7:::
where '...' indicates characters I have omitted, but
openssl passwd -1 -salt \$1 plaintext_password
does not produce what is in /etc/shadow. What does 
Last edited by dpaddy on Thu Aug 31, 2017 7:33 pm; edited 1 time in total |
|
| Back to top |
|
 |
fedeliallalinea
Administrator
Joined: 08 Mar 2003
Posts: 30905
Location: here
|
| Posted: Thu Aug 31, 2017 4:12 pm Post subject: |
|
|
From internet (never tested):
| Code: | # emerge whois
# mkpasswd -m sha-512 PASSWORD |
_________________
Questions are guaranteed in life; Answers aren't. |
|
| Back to top |
|
|
dpaddy
Tux's lil' helper
Joined: 25 Jun 2008
Posts: 142
|
| Posted: Thu Aug 31, 2017 7:27 pm Post subject: |
|
|
You may have nudged me in the right direction, but I still do not get what is stored in /etc/shadow...
Every time I execute | Code: | | mkpasswd -m sha-512 PASSWORD |
I get a different answer.
I conjecture that has to do with (random?) salt... But where is the salt for user foo stored -- and how do I extract it -- so that I can use it to generate the hash of foo's password? |
|
| Back to top |
|
|
dpaddy
Tux's lil' helper
Joined: 25 Jun 2008
Posts: 142
|
|
| Back to top |
|
|
fedeliallalinea
Administrator
Joined: 08 Mar 2003
Posts: 30905
Location: here
|
| Posted: Thu Aug 31, 2017 7:43 pm Post subject: |
|
|
| dpaddy wrote: | | I conjecture that has to do with (random?) salt... But where is the salt for user foo stored -- and how do I extract it -- so that I can use it to generate the hash of foo's password? |
| Code: | $ mkpasswd -m sha-512 test -s xxxxxxxx
$6$xxxxxxxx$En/.y52/cZHAwsz.3QyXMCNpW8H7uHgWY4xS3rurbDH3atFhh2nCspgYuq1wWUK9F/Qz2r3r5Z6wP4Jepydsi1
\______/
salt |
_________________
Questions are guaranteed in life; Answers aren't. |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3133
|
| Posted: Thu Aug 31, 2017 7:50 pm Post subject: |
|
|
Do you have an actual reason to do that manually?
Why not just go for:
You could also use it's batch-oriented counterpart, chpasswd if you needed a non-interactive tool. |
|
| Back to top |
|
|
|
Networking & Security
