[HOW TO] create a shadow hash of password ~ ...

Sometimes, you may need to create a critical script to change the password of root or another user. Of course, you don't use the clear text of password. It is very risk and can leak. Then, what should we do on this case?

I want to bring you focus /ect/shadow. For sure, it is salted hash file where stores all of user's password. And it already hashed.

It looks like this

catrulez:$6$3lOhJgJD$lUKZ0Q9LHT6YO3u1pS/0hM9yJOYTkqOh/XaR2O5xYwaPKI6TWIOEjYQSsa2XWJI7Ty.i2XQmHVdqNZDnGYiUT.:17482:0:99999:7:::

and

$6$3lOhJgJD$lUKZ0Q9LHT6YO3u1pS/0hM9yJOYTkqOh/XaR2O5xYwaPKI6TWIOEjYQSsa2XWJI7Ty.i2XQmHVdqNZDnGYiUT

is the shadow hash corresponding to its password.

So, in my imagination, I will create a shadow hash of password what I want to set for individual user and put it to critical script. Then it should be fine.

Two steps:
1. Create a shadow hash

root@catrulez:~# openssl passwd -1 -salt dsadsadd Zxcvbnm1$1$dsadsadd$y4h9pSp/9rS2kVv7x4xRB.

2. Create a user with shadow hash of password.

root@catrulez:~# useradd -p '$1$dsadsadd$y4h9pSp/9rS2kVv7x4xRB.' user_name

Also you can take them to script. Please clear bash history.

Tiến Phan - R0039

Knowledge is Endless

Sharing for Success

...

I'm Tien. I love to write, share my knowledge, help others and also learn from others as I believe everyone has something which can be learned. You can reach me at 4flancake at gmail dot com

[HOW TO] create a shadow hash of password

0 nhận xét:

Post a Comment

Pages

Contact Me

Popular Posts

Categories

Blog Archive