Re: [newbie] Shadow passwords on rhl5.2
Hi,
In RH, setting up shadow passwords is as easy as typing
'pwconv' and 'grpconv' from root. Anyhow, the password file
only contains the encrypted password anyhow, so if the passwords
really are complete line-noise, it would not be feasible to
actually test each and every combination possible. However,
since RH uses PAM (just like Solaris), you can easily change
the encryption to something other than DES (like MD5), and that
would pretty much kill the possibility of using John/Jack/Crack/whatever.
Yoni Elhanani wrote:
>
> Hi.
>
> I'm in charge of my school's webserver (running rhl5.2).
> Lately a suggestion was made to let students and teachers have accounts
> by request,
> in order to maintain their home pages,
> and "experience unix". :-)
>
> Anyway,
> for that matter I decided it's time to boost security up a notch,
> and starting with shadow passwords.
> I'm afraid many "cracker-wannabes" will get the /etc/passwd file,
> and use a cracker to extract passwords out of it. (possibly root the
> server).
>
[some other stuff snipped]
--
Omer Efraim
!- Change is inevitable... Except from vending machines -!
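
A check to run after the conversion discussed in this thread, added here as an example and not part of the original messages: it parses passwd- and shadow-format text, flags accounts whose hash is still readable in the passwd file, and reports shadow entries that are still DES-crypt rather than MD5-crypt. The sample entries are constructed, and the function names are this example's own.

```python
import re

# Constructed sample data (not from the original messages); hashes are dummies.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:500:500:Alice:/home/alice:/bin/bash
bob:ab01234567890:501:501:Bob:/home/bob:/bin/bash
guest::502:502:Guest:/home/guest:/bin/bash
"""
SAMPLE_SHADOW = """\
root:$1$saltsalt$0123456789abcdefghijkl:10500:0:99999:7:::
alice:abABCDEFGHIJK:10500:0:99999:7:::
"""

DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")  # traditional crypt(3)
MD5_RE = re.compile(r"^\$1\$[./0-9A-Za-z]{1,8}\$[./0-9A-Za-z]{22}$")

def classify(field):
    """Name the kind of value found in a password field."""
    if field == "":
        return "empty"
    if field == "x":
        return "shadowed"
    if field[0] in "*!":
        return "locked"
    if MD5_RE.match(field):
        return "md5-crypt"
    if DES_RE.match(field):
        return "des-crypt"
    return "unknown"

def parse(text):
    """Map user -> password field for passwd- or shadow-format text."""
    rows = (line.split(":") for line in text.splitlines() if line.strip())
    return {r[0]: r[1] for r in rows if len(r) > 1}

def audit(passwd_text, shadow_text):
    """Return (user, problem) pairs that remain after the conversion."""
    shadow, findings = parse(shadow_text), []
    for user, field in parse(passwd_text).items():
        kind = classify(field)
        if kind == "shadowed":
            # The MD5 setting applies at the next password change; old DES hashes stay.
            kind = classify(shadow[user]) if user in shadow else "missing"
            if kind != "md5-crypt" and kind != "locked":
                findings.append((user, "shadow: " + kind))
        elif kind != "locked":
            findings.append((user, "passwd: " + kind))
    return findings
```

On a real system, pass the contents of /etc/passwd and /etc/shadow (readable as root) to `audit()`; an empty list means every account is shadowed and on MD5-crypt.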