Re: password hash in shadow file
- Date: Tue, 13 Mar 2018 17:19:10 +0100
- From: tomas@xxxxxxxxxx
- Subject: Re: password hash in shadow file
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, Mar 13, 2018 at 04:01:52PM +0000, Adam Weremczuk wrote:
> I think it was me invoking "passwd" as root and aborting (ctrl+D)
> without making any changes.
> Would that be enough to update the shadow file?
Hm. That depends on which point you invoked abort at, but naively
I'd say "no". Note that the system doesn't "know" your password,
only its hash -- so if it succeeded in storing the SHA-1 of your
password (you say it didn't change, did you?) without you telling
it, then it would have to crack your MD5 password hash.
Still strange. Are you sure that you stopped "passwd" early enough?
Had you entered the password already? Twice?
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
-----END PGP SIGNATURE-----