Re: Passwords
On Tue, Jan 17, 2023 at 3:55 AM DdB
<debianlist@potentially-spam.de-bruyn.de> wrote:
>
> Am 17.01.2023 um 07:14 schrieb Stanislav Vlasov:
> > вт, 17 янв. 2023 г. в 11:01, David <david.g_jones@ntlworld.com>:
> >> Looking on the internet it says the passwords are stored in /etc/passwd
> >> and /etc/shadow
> >
> > In /etc/shadow only password's hashes, some data, one-way calculated
> > from password string.
> >
> >> The password string in /etc/shadow looks as if it's encoded, how can I
> >> read this string?
> >
> > You can't.
> Everyone (and their friend) seem to know, how to work around this, which
> apparently is common debian knowledge (which is nice).
>
> But somehow, i feel there could be more caring about avoiding to teach
> future hackers by accident. Is this kind of lesson appropriate for a
> users list? - I doubt it.
There's nothing extraordinary in the answers to recover a lost
password. Reiterating them here does not provide additional advantage
to an attacker.
If you don't have physical security on your machine, then you are
already pwn'd. You may not realize it yet, but it's already game over.
Jeff
Reply to:
- References:
- Passwords
- From: David <david.g_jones@ntlworld.com>
- Re: Passwords
- From: Stanislav Vlasov <stanislav.v.v@gmail.com>
- Re: Passwords
- From: DdB <debianlist@potentially-spam.de-bruyn.de>