Date: Mon, 17 Jan 2000 03:23:13 -0800 (PST) From: Nguyen Manh Tho <manhtho@yahoo.com> To: FreeBSD-questions@freeBSD.org Cc: FreeBSD-hackers@freeBSD.org Subject: The encripted passwd files Message-ID: <20000117112313.13099.qmail@web1903.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Dear Sirs/Madams, I need to read the encripted passwd field in Linux before converting to Free BSD format, and I have some problem here. This is the documents I read from man 5 passwd form Free BSD 2.2.7 BEGIN HERE ............. The passwd files are files consisting of newline separated records, one per user, containing ten colon (``:'') separated fields. These fields are as follows: name User's login name. password User's encrypted password. uid User's id. gid User's login group id. class User's login class. change Password change time. expire Account expiration time. gecos General information about the user. home_dir User's home directory. shell User's login shell. ............. The password field is the encrypted form of the password. If the password field is empty, no password will be required to gain access to the machine. This is almost invariably a mistake. Because these files contain the encrypted user passwords, they should not be readable by anyone without appropriate privileges. Administrative accounts have a password field containing an asterisk `*' which disallows normal logins. ............. BUGS User information should (and eventually will) be stored elsewhere. The YP/NIS password database makes encrypted passwords visible to ordinary users, thus making password cracking easier unless you use shadow passwords with the master.passwd maps and FreeBSD's ypserv(8) server. Unless you're using FreeBSD's ypserv(8) server?, which supports the use of master.passwd type maps, the YP/NIS password database will be in old style (Sixth Edition) format, which means that site-wide values for user login class, password expiration date, and other fields present in the current format will not be available when a FreeBSD system is used as a client with a standard NIS server. COMPATIBILITY The password file format has changed since 4.3BSD. The following awk script can be used to convert your old-style password file into a new style password file. The additional fields ``class'', ``change'' and ``expire'' are added, but are turned off by default. These fields can then be set using vipw(8) or pw(8). BEGIN { FS = ":"} { print $1 ":" $2 ":" $3 ":" $4 "::0:0:" $5 ":" $6 ":" $7 } END HERE. When I connect as root in Free BSD, I could read the encripted passwd field by using vipw, that really open the master.passwd. This file is very similar to passwd file except that the encripted passwd field can be seen. In Turbo Linux, there is no such master.passwd file and I could not read the encripted passwd field. I need to copy passwd file from Linux to Free BSD, converting the format and would like reserving this encripted passwd field. I can not check if this passwd field reserve or not unless I could read this field from both Linux and Free BSD. I would like to know what is the default encript engine of Free BSD and Linux ? If they diffrent, how can I convert this field without losting any information ? I would like how to view all 10 fields on passwd file in Free BSD because I just see 7 fields in this file. As the document, I can not see 10 field if I do not run ypserv(8) server.I do not know how to run this server and turn on 3 new fields which default turn off. Although to the document I can use the vipw(8) or pw(8) to do that, I try run ypserv, and vipw but I just see 7 fields. Please help me step by step if you could. Thank you very much for all your responses, Nguyen Manh Tho. __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000117112313.13099.qmail>