Date: Tue, 7 Nov 1995 18:34:14 -0800 (PST) From: dhawk@netcom.com (David H) To: questions@freebsd.org Subject: More on How to Use DES Message-ID: <199511080234.SAA15287@netcom15.netcom.com>
next in thread | raw e-mail | index | archive | help
OK, I got DES installed and copied over the password file and all my people can login now, so that's good. BUT when I try to compile sysadmin/security programs they fail saying they can't find _crypt [not the exact error message]. I untar'd des.aa and compared its /usr/lib with the 'real' one now and all get installed properly. What did I miss? Several of you sent me the procedure to install DES, and I thought I could write it up in a more complete description of the processs: 1. get des.aa from an ftp site if you're inside the US/Canada. mkdir /usr/des and copy des.aa to that directory. cd /usr/des and do tar xfvzp des.aa Take a look at the files you have to install. [It was setup to have to do the tar from root (/)]. 2. backup your system 3. Use vipw to change root and toor in the password file to have no password, just in case things go wrong -- root::0:0: [root and toor will have :: after the name of the account]. 4. reboot and when it pauses for kernel options, use -s to boot single user. Mount all your partitions -- mount / mount /usr and any others. 5. cd /usr/lib and you can mkdir OLD and put all the *crypt* files/links in there. Then mv /usr/des/usr/lib/* /usr/lib 6. copy /usr/des/bin/* and /usr/des/sbin/init to /bin and /sbin/init (you might need to mv /sbin/init /sbin/init.old first). 7. reboot Adding the old password file from another system. 1. put the password file in a secure directory. You'll be in a shadow password/db setup from here on out so no need to give someone access to the file to run crack on. 2. Do man 5 passwd and cut the awk script from the end into a file called awk.pass and then do awk -f awk.pass old.passwd > new.passwd 3. Use vipw and read in new.passwd at the end of the file. Remove duplicate accounts. Exit vipw 4. Use ALT-F2 to login on a different pseudo-terminal and check that it worked. If it did, use ALT-F1 to go back to the first window and set the password on root and toor. Check logging in to those accouts on ALT-F2 again. And you're done. One thing to watch for: some systems get weird if you put a blank line in the password file, so don't do that. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199511080234.SAA15287>