>> On Mon, 7 Nov 2011 23:40:24 -0700,
>> Bob Proulx <[email protected]> said:
B> I would create a script that edited the /etc/shadow file directly and
B> manipulated the encrypted passwords. Then the clear text would never
B> need to exist in any form. Only the encrypted form of the password is
B> needed. Use a script to swap between two different encrypted forms.
If you don't add or delete a lot of accounts or modify /etc/passwd
frequently, could you change your password to the high-security one,
copy /etc/shadow to /etc/shadow.hi, then change it back and copy
/etc/shadow to /etc/shadow.lo? Then your password-changer could be:
alias hisec='sudo cp -p /etc/shadow.hi /etc/shadow'
alias losec='sudo cp -p /etc/shadow.lo /etc/shadow'
--
Karl Vogel I don't speak for the USAF or my company
It's impossible to sneeze with your eyes open.
--item for a lull in conversation
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
