Here's what I got from the mandrake security mailing list so far:
This is strange. I was just going to write a mail to this list about
this. it seems that /etc/shadow accepts both crypt passwords (the short
passwd) and MD5 passwords. (34 characters with $ and slashes does seem
to me like
Thanks for the replies,
Don't worry about the Mandrake specific stuff; I'm on Redhat. although it
seems to the same as what you're talking about;
My shadow is in format:
fakeaccount:$1$5PXJfLSQ$LSxsnZfHzBrkDdT2NZefK.:11600:0:9:7:::
(the password was 'password')
I probably would not have
What is the best way to change linux passwords using a web .PHP interface?
I currently allow FTP access to php enabled webhosting sites; which use
safe mode, thus use real linux accounts.
Thus far I thought I would:
Write a real short C program which would call allow to go
setpasswd
First off, if you don't already know, the linux passwords are stored in the
/etc/passwd file (unless you have a shadow suite installed, in which case
/etc/shadow would be a good bet.) Basing this on a shadow file, the file is a
text document with one user per line. The entries are stored in
Hmmm mandrake 8 uses a different algorithm... not md5... outputs 34
characters, $ and / included (i think DES outputs alpha-numeric only. not
sure though). I sent an e-mail to a mandrake mailing list, until then here's
what I wrote before I actually looked at my /etc/shadow file. Should work
5 matches
Mail list logo
