Web lists-archives.com

Re: password hash in shadow file




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Mar 13, 2018 at 04:01:52PM +0000, Adam Weremczuk wrote:
> I think it was me invoking "passwd" as root and aborting (ctrl+D)
> without making any changes.
> Would that be enough to update the shadow file?

Hm. That depends on which point you invoked abort at, but naively
I'd say "no". Note that the system doesn't "know" your password,
only its hash -- so if it succeeded in storing the SHA-1 of your
password (you say it didn't change, did you?) without you telling
it, then it would have to crack your MD5 password hash.

Still strange. Are you sure that you stopped "passwd" early enough?
Had you entered the password already? Twice?

Cheers
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlqn+f4ACgkQBcgs9XrR2kYu2ACePqhJ8m5QgIqwleJBpHFPo0Ng
x6sAnRpH4q2J9UqbT7aypggmxFLaIhjH
=qwpf
-----END PGP SIGNATURE-----