Web lists-archives.com

Re: password hash in shadow file




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Mar 13, 2018 at 05:25:18PM +0100, Sven Hartge wrote:
> Adam Weremczuk <adamw@xxxxxxxxxxxxxxxxx> wrote:
> 
> > I think it was me invoking "passwd" as root and aborting (ctrl+D)
> > without making any changes.  Would that be enough to update the shadow
> > file?
> 
> No.
> 
> You can't reverse a hash and to generate a new hash the code needs the
> password for the user in plain. 

Well, to be fair, the change to SHA-1 is because you can "reverse"
MD5 all too easily (where reverse just means that you find something
which hashes to a given hash, which hasn't to resemble your original
password all too much). Usually you want this something to have
some properties to be useful.

But I don't think your operating system is going to do that behind
your back ;-)

Cheers
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlqoALIACgkQBcgs9XrR2kYGwwCfR0bt4g4nomrycYho2rA23L6d
BlUAn2c3RW8xuj751aC6LxJt+0T9udPT
=SGi/
-----END PGP SIGNATURE-----