[ glamoc @ 15.09.2011. 09:08 ] @
|
| Zanima me nacin na koji linux cuva sifre za korisnicke naloge.
Pogledao sam /etc/shadow i mislio sam da se ovde nalaze hesevi sifara ali sam prvo procitao da to nisu hesevi vec da je to sifra kriptovana trostrukim DES-om.
Druga stvar koju sam primetio je da ne postoje sifre za sve korisnike, prosto umesto sifre stoji samo '*'.
E sad ako neko moze da mi objasni ove dve stvari i ako je tacno da se radi o kriptovanju trostrukim DES-om gde se cuva privatni kljuc kojim se radi kriptovanje. |
[ maksvel @ 15.09.2011. 09:14 ] @
Citat:
/etc/shadow usually contains the following user information:
user login name
salt and hashed password OR a status exception value e.g.:
"$id$salt$encrypted", where "$id" is the hashing algorithm used (On linux, "$1$" stands for MD5, "$2$" is Blowfish, "$5$" is SHA-256 and "$6$" is SHA-512, crypt(3) manpage, other Unix may have different values, like NetBSD).
"NP" or "!" or null - No password, the account has no password.
"LK" or "*" - the account is Locked, user will be unable to log-in
"!!" - the password has expired
[ niceness @ 15.09.2011. 13:17 ] @
Procitaj man stranicu za crypt(), tamo sve pise. Mozes pogledati i man stranicu za login.defs (podesavanje za shadow).
Copyright (C) 2001-2024 by www.elitesecurity.org. All rights reserved.