[TriLUG] how to unshadow

Jeff Bollinger jeff01 at email.unc.edu
Mon Nov 4 13:32:33 EST 2002 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I guess I was wrong, but I thought that because of the Salt on the
passwords and one-way encryption, that once they were shadowed the
plaintext password could not be recovered?

Thanks,
Jeff

Jon Carnes wrote:
| On Mon, 2002-11-04 at 13:04, Ryan Leathers wrote:
|
|>
|>Quick one I hope - - - im in a pinch - how do I unshadow my passwd
|>	Is there a shell script - do I have to do it by hand - or is
|>there a passwd argument
|>
|
|
| pwunconv:
| NAME
|        pwconv,  pwunconv,  grpconv,  grpunconv  - convert to and from
| shadow
|        passwords and groups.
|
| SYNOPSIS
|        pwconv
|        pwunconv
|        grpconv
|        grpunconv
|
| DESCRIPTION
|   These four programs all operate on the normal and shadow password and
|   group  files: /etc/passwd, /etc/group, /etc/shadow, and /etc/gshadow.
|
|   pwconv creates shadow from passwd and an optionally existing  shadow.
|   pwunconv  creates  passwd  from  passwd  and  shadow and then removes
|   shadow.  grpconv creates gshadow from group and an optionally  exist­
|   ing gshadow.  grpunconv creates group from group and gshadow and then
|   removes gshadow.
|
|   Each program acquires the necessary locks before conversion.
|
|   pwconv and grpconv are similiar.  First, entries in the shadowed file
|   which  don't  exist  in  the  main  file are removed.  Then, shadowed
|   entries which don't have `x' as the password in  the  main  file  are
|   updated.  Any missing shadowed entries are added.  Finally, passwords
|   in the main file are replaced with `x'.  These programs can  be  used
|   for  initial  conversion  as  well to update the shadowed file if the
|   main file is edited by hand.
|
|   pwconv will use  the  values  of  PASS_MIN_DAYS,  PASS_MAX_DAYS,  and
|   PASS_WARN_AGE   from  /etc/login.defs  when  adding  new  entries  to
|   /etc/shadow.
|
|   Likewise, pwunconv and grpunconv are similiar.  Passwords in the main
|   file  are updated from the shadowed file.  Entries which exist in the
|   main file but not in the shadowed file are left alone.  Finally,  the
|   shadowed file is removed.
|
|   Some password aging information is lost by pwunconv.  It will convert
|   what it can.
|
| _______________________________________________
| TriLUG mailing list
|     http://www.trilug.org/mailman/listinfo/trilug
| TriLUG Organizational FAQ:
|     http://www.trilug.org/~lovelace/faq/TriLUG-faq.html

- --
Jeff Bollinger
University of North Carolina
IT Security Analyst
105 Abernethy Hall
mailto: jeff_bollinger at unc dot edu


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE9xr1BvoVlxVBmgsURAhdRAKCQtnKd8o7vztR+NR8fQdoHYTJicwCfa4er
jwB8Oou6bHtdw0KOdD6d59s=
=mbaS
-----END PGP SIGNATURE-----

More information about the TriLUG mailing list