Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Unencrypt passwords

Status
Not open for further replies.
BIS

BIS

Technical User
Jun 1, 2001
1,893
NL
Hallo,

Is there any way to get users passwords. I have a mailserver that I want to migrate to another machine. Instead of having all users change their passwords (which would be useful I guess), is there a way that I can 'un'encrypt the passwords in /etc/passwd and /etc/shadow ?? Many of these users have never vhanged their passwords for the last couple of years and are not even awware of what their passwords are...
 
Sort by date Sort by votes
Nope.

Linux passwords are not encrypted -- they're hashed. Hashes are one-way functions, because it is possible for two different passwords to hash to the same value.

However, if your new machine is running Linux, too, you should be able to move the passwords over as is. The hash algorithm should be the same. Want the best answers? Ask the best questions: TANSTAAFL!
 
Upvote 0 Downvote

You should find your sysadm whip (our best friend) and go after those users...

Cheers Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
 
Upvote 0 Downvote
Many thanks for the quick replys. New machine is indeed also Linux, but using md5 encryption (or something like that..). Old machine is 'old', has a variety of passwords, some in /etc/passwd, some in /etc/shadow. I am not sure they would work. How would I copy them? Just copy the string after username: and insert it on the other machine?

 
Upvote 0 Downvote
There is one sure way to see if the hash algorithms are compatible.

Create the same test username on both servers, using the same password. Then compare the hash values in /etc/shadow between the two machines.

If they match, chances are you will be able to recreate the users on the new machine and overwrite their passwords in /etc/shadow using the values from the old machine. Want the best answers? Ask the best questions: TANSTAAFL!
 
Upvote 0 Downvote
I'd install "shadow-utils" (Mandrake's name for the package) and use "pwunconv" to convert everything from shadow back to "regular" password locations. Once everything is back in /etc/passwd and /etc/group. Now for enabling MD5'd passwords... not sure. At least, for how to convert them. This post mentions looking at /etc/pam.d/passwd:

It's a start anyway :) --
JR
 
Upvote 0 Downvote
Many thanks for all your help.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

itsp1965
  • Locked
  • Question
Configuring system-auth for non-expiring user passwords
Replies
0
Views
56
itsp1965
itsp1965
Yarka
  • Locked
  • Question
passwords' management
Replies
3
Views
64
stevexff
stevexff
NullTerminator
  • Locked
  • Question
Can end users update their own mod_auth passwords?
Replies
0
Views
28
NullTerminator
NullTerminator
Aaron1940
  • Locked
  • Question
reset everyone's passwords
Replies
6
Views
79
pcunix
pcunix
Nutthick
  • Locked
  • Question
How Secure are Apache Passwords
Replies
1
Views
42
sleipnir214
sleipnir214

Part and Inventory Search

Sponsor

Back
Top