From owner-freebsd-questions Fri Mar 15 17:26:04 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id RAA16995 for questions-outgoing; Fri, 15 Mar 1996 17:26:04 -0800 (PST) Received: from soda.CSUA.Berkeley.EDU (soda.CSUA.Berkeley.EDU [128.32.43.52]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id RAA16990 for ; Fri, 15 Mar 1996 17:26:02 -0800 (PST) Received: (from richardc@localhost) by soda.CSUA.Berkeley.EDU (8.6.12/8.6.12) id RAA16572; Fri, 15 Mar 1996 17:25:38 -0800 Date: Fri, 15 Mar 1996 17:25:34 -0800 (PST) From: Richard Chang To: "Aaron D. Gifford" cc: questions@freebsd.org Subject: Re: Passwords In-Reply-To: <2.2.32.19960315233819.006d2e4c@infowest.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Fri, 15 Mar 1996, Aaron D. Gifford wrote: > At 11:43 AM 3/15/96 -0800, you wrote: > >Hi there, > > > > We are running a site that had security breakins and the hacker > >managed to changed the root password and the edited both the /etc/passwd > >and /etc/master.passwd file and deleted pretty much everything in it. It > >seems the pwd.db and spwd.db are the original ones since apparently the > >person didn't use vipw on the DES encrypted system. I was wondering if > >there was a way to use the pwd.sb and spwd.db even if the encrypted passwd's > >in master.passwd don't match.... Thanks. > > > >Richard > > > > Hi, > > I've trashed my master.passwd file before, so I wrote me a perl script to > regenerate my master.passwd file from the spwd.db file. It has worked for > me. maybe it will work for you. > > Aaron [perl script deleted to save bandwidth] Now is there a way to regenerate passwd from pwd.db? Thanks! Richard