root password
Smoot Carl-Mitchell
smoot at tic.com
Tue Aug 21 15:07:09 UTC 2007
On Tue, 2007-08-21 at 14:25 +1000, Michael James wrote:
> /etc# cat shadow
> root:*:13661:0:99999:7:::
> daemon:*:13621:0:99999:7:::
> bin:*:13621:0:99999:7:::
> <snip lots more system entries>
It is not a good idea to reveal your password hashes (I have removed
them from this email). The MD5 hashing algorithm used to generate the
hashes in GNU/Linux systems is fairly strong, but can be broken with a
brute force type attack which is much simpler if you know the password
hashes. I'd suggest changing your password, since everyone on the list
now knows your password hashes. This is the principal
reason /etc/shadow is protected from normal users.
The '*" in the second field could be any character, since a single '*'
is not a legitimate password hash. In practice the '*' is used
conventionally to indicate a locked account.
For a quick introduction to the various Unix/Linux password hashing
schemes see: http://en.wikipedia.org/wiki/Crypt_(Unix)
--
Smoot Carl-Mitchell
System/Network Architect
email: smoot at tic.com
cell: +1 602 421 9005
home: +1 480 922 7313
More information about the ubuntu-users
mailing list